Abstract: Most password-based authentication protocols make use of a single authentication server for user authentication. The user's verifier information stored on the single server is a main point of susceptibility and remains an attractive target for the attacker. On the other hand, multi-server architecture based authentication protocols make it difficult for the attacker to find out any significant authentication information related to the legitimate users. In 2009, Liao and Wang proposed a dynamic identity-based remote user authentication protocol for multi-server environments. However, we found that Liao and Wang's protocol is susceptible to malicious server attack and malicious user attack. This paper presents a novel dynamic identity-based authentication protocol for multi-server architecture using smart cards that resolves the aforementioned flaws, while keeping the merits of Liao and Wang's protocol. It uses a two-server paradigm by imposing different levels of trust upon the two servers, and the user's verifier information is distributed between these two servers, known as the service provider server and the control server. The proposed protocol is practical and computationally efficient because only nonces, one-way hash functions and XOR operations are used in its implementation. It provides a secure method to change the user's password without the server's help. In e-commerce, the number of servers providing services to the user is usually more than one, and hence secure authentication protocols for multi-server environments are required.
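Abstract: This article studies the authentication mechanisms of two versions of the MS SQL Server database system, 2000 and 2005, and the methods of attacking them. With the help of software analysis, the SQL Server user login process is fully reconstructed. The authentication mechanism of SQL Server 2000 is found to be extremely weak, whereas SQL Server 2005 uses the standard TLS security protocol to encapsulate and protect user authentication information. In-depth analysis confirms that SQL Server 2005 has a major flaw in its use of TLS and is highly vulnerable to man-in-the-middle attacks that lead to the leakage of sensitive information.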
Funding: Sponsored by the National High Technology Research and Development Program (Grant No. 2012AA02A604)
Abstract: This paper presents a multi-interface embedded server architecture for remote real-time monitoring systems and distributed monitoring applications. In the scheme, an embedded microprocessor (LPC3250 from NXP) is chosen as the CPU of the embedded server with a Linux operating system (OS) environment. The embedded server provides multiple interfaces for supporting various application scenarios. The whole network is based on a local area network and adopts the Browser/Server (B/S) model. The monitoring and control node acts as a browser endpoint and the remote node with an embedded server acts as a server endpoint. Users can easily acquire various sensor information by entering the Internet protocol address of the remote node in the computer browser. Compared with the client/server (C/S) mode, the B/S model needs less maintenance and is applicable to a large user group. In addition, the simple network management protocol (SNMP) is used for management of devices in Internet protocol (IP) networks. The results of the demonstration experiment show that the proposed system gives good support for managing the network from different user terminals and allows the users to better interact with the ambient environment.
Funding: Project supported by the National Natural Science Foundation of China (Grant No. 61462033)
Abstract: Three-party password-based key agreement protocols allow two users to authenticate each other via a public channel and establish a session key with the aid of a trusted server. Recently, Farash et al. [Farash M S, Attari M A 2014 "An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps", Nonlinear Dynamics 77(7): 399-411] proposed a three-party key agreement protocol using extended chaotic maps. They claimed that their protocol could achieve strong security. In the present paper, we analyze Farash et al.'s protocol and point out that this protocol is vulnerable to an off-line password guessing attack and suffers from a communication burden. To handle the issue, we propose an efficient three-party password-based key agreement protocol using extended chaotic maps, which uses neither symmetric cryptosystems nor the server's public key. Compared with the relevant schemes, our protocol provides better performance in terms of computation and communication. Therefore, it is suitable for practical applications.
Abstract: The growing need for high-performance networking is achieved with parallel processing; several networking functions are processed concurrently in order to accomplish a performance Networking Architecture. The Open Systems Interconnection (OSI) model is an example of a multi-layering structure, and each layer performs a definite function unique to that layer. The OSI model works on a pass-it-on principle, and it is divided into two stacks, a lower stack and an upper stack. Layers 4-7 represent the upper stack and are responsible for data applications. The remaining layers 1-3 represent the lower stack and are mostly involved in data movement. There are many techniques available for server optimization, enhancing availability by distributing the load among peer servers. According to our knowledge, nobody has implemented such a splitting architecture across the entire OSI model. In this paper, we present multilayer Split-protocol (MLSP), a high-performance, reliable and secure technique for splitting an application or network protocol across the OSI model, and we present the design, implementation, and empirical performance evaluation of MLSP. It is the ideal choice for Cloud services where each functional component is considered independent of the others.