52 results about "Impersonation attack" patented technology

A communication device is secure against an impersonation attack as well. The communication device secretly communicates, with an external device, target data with use of a key shared with the external device. Without being known to a third party, the communication device generates a key shared with the external device using a scheme of which security is proved. Validity of the external device is determined by authentication with use of a key dependent function that is shared with the external device and is dependent on the shared key. If the external device is determined to be valid, for secretly communicating the target data, verification data for verifying validity of the target data is generated from the target data with use of the key dependent function.

The invention discloses a repeating data deleting system and method applicable to cloud storage. The repeating data deleting system is based on strategies, a security agent and a random storage mechanism are adopted, a storage service is separated from a security service, the space utilization rate of cloud storage is improved, bandwidth occupation of redundant data is reduced, and security of user data and privacies is improved at the same time. The system is mainly composed of a client, the security agent and the cloud storage, wherein the security agent is the most secure core and is mainly used for ensuring the security of the user data and privacies. The repeating data deleting system and method applicable to cloud storage have the advantages of being high in security, system efficiency, bandwidth utilization rate and the like, and can resist replay attack, impersonation attack and security threats brought by partially trusted cloud storage providers.

A method for resisting primary user impersonation attacks in cognitive radio belongs to the technical field of radio communication, particularly relates to sensing and processing of the signals in the cognitive radio system and identification of a signal source. The method comprises the following steps: reducing noise of a composite signal which is received during a spectrum sensing process, estimating number of the signal sources in the composite signal, and reconstructing various signals by a Capon beamformer; separating the signals of different radios, focusing the signals of different radios to separate out a transient signal and a modulation signal, analyzing the transient signal by wavelet transformation; extracting characteristic parameters and realizing identification of the signal source. The method for resisting the primary user impersonation attacks helps realize effective identification of the signal source and effectively resist the primary user impersonation attacks; and the method has a wide application scope, does not change a working mode of the existing primary user network, and satisfies operation requirements of FCC for a cognitive network.

The invention discloses an IBAKA (Identity Based Authentication and Key Agreement) method. The method comprises the following steps that: a user at a sending terminal generates first authentication data for authenticating the identity of the user at the sending terminal and sends the first authentication data to a user at a receiving terminal; the user at the receiving terminal carries out legality authentication on the identity of the user at the sending terminal according to the received first authentication data; if authenticating that the identity of the user at the sending terminal is legal, the user at the receiving terminal generates second authentication data which does not contain key information of the user at the sending terminal, sends the second authentication data to the user at the sending terminal and generates a conversation key of the receiving terminal; the user at the sending terminal carries out legality authentication on the identity of the user at the receiving terminal according to the received second authentication data; and if the identity of the user at the receiving terminal is authenticated to be legal by a sensing terminal, the user at the sending terminal generates a conversation key of the sending terminal. The method disclosed by the invention can be used for solving the problem that a risk of denial of service attack, key leakage impersonation attack or temporal key leakage attack exists in an IBAKA protocol.

The invention discloses an identity authentication method during a quantum secret key application process. The identity authentication method includes the steps: a quantum network deployment phase, a preparation initial phase, a secret key preparation phase, an identity authentication phase and a secret key application phase. During an abstract extraction process, as the identity authentication method uses a quantum secret key and the quantum secret key is provided with true randomness, the difficulty for performing reverse operation on the abstract can be further reduced and the safety for information transmission can be improved; and at the same time, after accomplishment of one time of session identity authentication, only a device for identity authentication is allowed to apply for a secret key, so that the safety is further improved through verification of the device information, and during the process, a session ID is in continuous changing state and depends on a plurality of factors, so that a large amount of impersonation attack can be timely eliminated through verification of the session ID. For the identity authentication method during a quantum secret key application process, the secret key is applied to the quantum secret key application process to verify the legal identity between two parties for communication, so that verification of the legal identity of the opposite side between the two parties for communication can be realized and the required data for verification has absolute safety during the transmission process in the network.

The invention provides a method for realizing dependable SSH based on dependable computing. The method integrates remote authentication of the dependable computing with key exchange of an SSH protocol so as to closely combine platform status information verification with session key negotiation; and the method enhances the security of data at a communication end point on the premise that safe transmission of the data is ensured. The method requires that both a server and a client are provided with dependable security chips; and the platform status can be measured by a measurement module and a dependable operating system. The method can not only effectively prevent the security threat that the communication with an unknown end point by using a security channel may undergo various attacks in the SSH protocol, but also effectively protect against replay attack, impersonation attack and man-in-the-middle attack.

The invention discloses a low-complexity identity authentication method based on an intelligent card and under a multiserver environment. The low-complexity identity authentication method comprises the steps of registering, logging and authentication, wherein the registering further comprises the steps that registering information of a user is converted by a registration center and the intelligent card and then is stored in the intelligent card; the logging further comprises the steps that the intelligent card carries out local legitimacy verification on the identity of the user, and if the identity of the user is legitimate, a random number is generated, and first verification data are generated and sent to a server; the authentication further comprises the steps that the server carries out the legitimacy verification on the identity of the user, and if the identity of the user is legitimate, second verification data are generated and sent to the intelligent card; the intelligent card carries out the legitimacy verification on the identity of the server, and if the identity of the server is legitimate, third verification data are generated and sent to the server; the server carries out secondary verification on the identity of the user, and if the identity of the user is legitimate, the server and the intelligent card generate the same session key. The low-complexity identity authentication method avoids intelligent card losing attacks and impersonation attacks.

The invention discloses an automobile remote-control key-free door control identity authentication method. In the invention, an automobile ID, a remote controller ID and a 38-bit synchronous code are used for generating a 128-bit plain text; the 128-bit plain text is composed of two parts, the front 64 bits are a plain text, and the rear 64 bits are a plain text; a 64-bit ciphertext is subject toAES encryption by using a 128-bit dynamic key; the 128-bit plain text is subject to AES encryption by using a fixed key to obtain a 128-bit ciphertext; the 128-bit ciphertext is transmitted to an automobile decoder; the automobile decoder decodes the received 128-bit ciphertext into the 64-bit ciphertext and the 64-bit plain text; a received automobile CID and a received remote controller FID arecompared with an automobile CID' and anremote controller FID' which are stored by the automobile, thereby completing a first authentication; and the dynamic key is used for decryption and compares identity codes to complete a second authentication. The invention protects the data transmission by AES encryption of the fixed key and the dynamic key, and can carry out authentication twice by only carrying out communication once in the whole authentication process. The invention can effectively resist strong attacks, and deny service attacks, impersonation attacks and other common attacks.

The invention discloses a physical layer authentication method based on multi-carrier transmission. According to the method, based on the multi-carrier transmission, channels are regarded as a set of M fading sub-channels, and the reciprocity and randomness of phase responses of the sub-channels are used for performing on identity authentication on both parties of communication. The method includes the implementation steps that Alice transmits an excitation signal to Bob, the phase difference of the multi-carrier channels is measured after Bob receives the excitation signal, then Bob transmits a signal where a shared secrete key is packaged to Alice, and Alice authenticates whether the signal is from Bob or not according to the received signal and the shared secrete key. According to the authentication process of the method, the characteristics of the phase responses of the channels are used, and kinds of spoofing attacks such as the interference attack, the replay attach, impersonation attack are effectively resisted.

The invention discloses a ZigBee security network with a public key cryptography system NTRU (number theory research unit). The ZigBee security network includes the steps: selecting system parameters meeting NTRU building conditions in system initialization according to the public key cryptography system NTRU, and constructing a random function; generating keys; distributing the keys and performing the encryption and decryption process. The ZigBee security network has the advantages that security of a ZigBee wireless communication process is improved, encryption and decryption speed is high, communication efficiency is improved, energy consumption is low, fewer storage resources are occupied, the storage load of the system is not increased, the ZigBee security network has fine expandability, the anti-attack capability of the system is improved, impersonation attack and replay attack can be effectively resisted, low cost of the system is ensured, and broad market requirements can be met.

The invention belongs to the technical field of quantum communications, and discloses a quantum identity authentication method, a computer, a computer program and a readable storage medium. The methodcomprises the steps that binary identity strings of both sides are used for preparing two groups of particle sequences according to specified rules; Alice sends a first particle used for preparing aBell-state particle sequence to Bob, and Bob sends a second particle used for preparing the Bell-state particle sequence to Alice; Bell-based measurement is conducted on particles in the two sides, and the measurement results are subjected to binary representation. In the identity authentication process, no unitary transformation is needed in the Bell-state transmission process, and information transmission can be achieved simply by executing Bell-state measurement and a bitwise exclusive OR operation. In practical application, achievement of the protocol is achieved by only depending on Bell-state accurate preparation and Bell-state reliable measurement, and the protocol can resist impersonation attack.

The invention relates to an authentication method based on a public key encryption system, applied to an environment of instant message communication, network telephone and the like. The authentication method comprises identity authentication and shared session key generation. The authentication method mainly consists of three roles: a sender A, a receiver B, and a key distribution center. In a protocol execution process, the sender A and the receiver B complete the mutual identity authentication with the key distribution center and the mutual authentication between the sender A and the receiver B through the interaction with the secret key distribution center, in the period, the sender A and the receiver B respectively receive a shared session key generated by the secret key distributioncenter, and the authentication party also receives the shared session key so as to use the shared session key to encrypt and decrypt communication contents in the next stage of information interaction. By adoption of the authentication method provided by the invention, the security requirements of the authentication protocol are fully met, the old message playback can be prevented, and the identity impersonation attacks are defended.

The invention discloses a human living body detection method based on human brain intelligence and man-machine interaction. The human living body detection method comprises the following steps: randomly transferring an instruction subject which is pre-configured in an instruction database in advance, and randomly setting a response mode; acquiring user response information and verifying the response mode and a response result; and if the response mode and the response result of the instruction subject are matched successfully, judging that a response user is a human living body. According to the method, the subject is appointed randomly to enable the user to answer in regulated time by the randomly-appointed response mode, and the transmitted instruction subject can be answered through the brain thinking of the user, so that an impostor can not adopt manners such as pure voice and/or video synthesis or editing and the like to cheat a human living body detection system. According to the human living body detection method, lawless persons can be effectively prevented from carrying out impersonation attacks through various means, so that the human living body detection system becomes more effective and reliable.

The invention relates to a three-party authentication key agreement protocol generating method based on certificates. The method is applied to a wireless network system and comprises the steps: (1) three communication parties A, B and C respectively send respective certificate to other two parties; (2) after the communication party A receives the certificates sent by the communication parties B and C, x is randomly selected as a temporary private key, the formulas that MA=(g*g<c>)*g<x> , NA1=(g)<x> and NA2=(g<c>)<x> are calculated, then the communication party A sends MA and NA1 to the communication party B, and sends MA and NA2 to the communication party C, and the processing modes of the communication parties B and C are identical with that of the communication party A; (3) after the communication party A receives the messages sent by the communication party B and the communication party C, calculation and verification are performed, if the formula is false, a protocol is stopped from operating; if the formula is successful, a session key is calculated; the modes of calculating the session keys of the communication party B and the communication party C are identical with that of the communication party A; (4) an agreement is completed. According to the three-party authentication key agreement protocol generating method based on the certificates, modular and exponent arithmetic and a hash function are used, the operation efficiency is higher, and the agreement can resist the man-in-the-middle attack, the unknown secret key sharing attack and the secret key reveal impersonation attack, so that the safety is high.