Security Analysis of Tri-element Peer Authentication Mechanism

doi:10.3969/j.issn.1006-2475.2015.06.001

Abstract

Abstract: To analyze the security of Trielement Peer Authentication(TePA) mechanism, the TePA mechanism was analyzed based on Strand Space Model(SSM). According to the analysis, it was known that some cases of the TePA mechanism could not realize full authentication agreement, but they were still secure. Therefore, the TePA mechanism is secure in the SSM. Moreover, two improving methods for the TePA mechanism were proposed, making the improved TePA mechanism realize full authentication agreement.

Key words: Tri-element Peer Authentication(TePA), Strand Space Model(SSM), five pass authentication

CLC Number:

TP393.08

XIAO Yue-lei1,2,3, ZHU Zhi-xiang1,2, ZHANG Yong1,2. Security Analysis of Tri-element Peer Authentication Mechanism[J]. Computer and Modernization, 2015, 0(6): 1-6+31.

References

［1］ ISO/IEC 97983，1998/Amd.1:2010 Information TechnologySecurity TechniquesEntity AuthenticationPart 3: Mechanisms Using Digital Signature Techniques Amendment 1［S］.
［2］上官晓丽,杜志强. 基于虎符TePA的信息安全国际标准提案进展［J］. 信息技术与标准化, 2013(6):66-68.
［3］刘建华,梁俊杰. 公众网络统一身份认证服务标准体系研究［J］. 西安邮电大学学报, 2014,19(1):111-114.
［4］刘建华,王筱蕾. 一种公众网络统一身份认证服务架构［J］. 西安邮电大学学报， 2014,19(2):98-101.
［5］黄振海,郭宏,王育民,等. GB 15629.11-2003，信息技术系统间远程通信和信息交换局域网和城域网, 特定要求第11部分:无线局域网媒体访问控制和物理层规范［S］.
［6］黄振海,郭宏,徐冬梅,等. GB 15629.1102-2003，信息技术系统间远程通信和信息交换局域网和城域网,特定要求第11部分:无线局域网媒体访问控制和物理层规范: 2.4 GHz频段较高速物理层扩展规范的实施指南［S］.
［7］赖晓龙,曹军,铁满霞,等. GB 15629.11-2003/XG1-2006，信息技术系统间远程通信和信息交换局域网和城域网,特定要求第11部分:无线局域网媒体访问控制和物理层规范第1号修改单［S］.
［8］张帆,马建峰. WAPI认证机制的性能和安全性分析［J］. 西安电子科技大学学报, 2005,32(2):210-215.
［9］ Zhang Fan, Ma Jianfeng. Security analysis on Chinese wireless LAN standard and its solution［C］// Proceedings of the 34th International Conference Workshops on Parallel Processing, 2005. 2005:436-443.
［10］张帆,马建峰. WAPI实施方案的安全性分析［J］. 西安电子科技大学学报(自然科学版), 2005,32(4):545-548.
［11］ Li Xinghua, Moon S J, Ma Jianfeng. On the security of the authentication module of Chinese WLAN standard implement plan［C］// Proceedings of the 4th International Conference on Applied Cryptography and Network Security. 2006:340-348.
［12］李兴华,马建峰. WAPI实施方案中的密钥协商协议的安全性分析［J］. 计算机学报, 2006,29(4):576-580.
［13］ Qiang Tang. On the security of three versions of the WAI protocol in Chinese WLAN implement plan［C］// Proceedings of the 2rd International Conference on Communications and Networking in China. 2007:333339.
［14］杨年鹏,龙昭华,蒋贵全,等. 基于虎符TePA的物联网安全接入机制研究［J］. 计算机工程与设计, 2012,33(4):1305-1309.
［15］龙昭华,陈万东,王梅,等. 基于TePA的无线传感器网络安全方案［J］. 计算机应用研究, 2013,30(6):1824-1827.
［16］罗振营,龙昭华,陈万东. 基于TePA的以太网链路层安全分析与研究［J］. 计算机应用研究, 2014,31(6):1836-1840.
［17］Fabrega F J T, Herzog J C, Guttman J D. Strand spaces: Proving security protocols correct［J］. Journal of Computer Security, 1999,7(2/3):191-230.
［18］Herzog J C. The DiffieHellman keyagreement scheme in the strand space model［C］// Proceedings of the 16th IEEE Computer Security Foundations Workshop. 2003:234-247.

[1]	DONG Chongchong, ZHAO Cong, WU You, ZHANG Lei, ZHANG Jiawen, LI Zhihao. Zero-trust Dynamic Evaluation Method for IoT Terminals [J]. Computer and Modernization, 2024, 0(11): 41-45.
[2]	MA Huiping1, LI Peng1, 2, HU Sujun1. Security Game Analysis Model of RFID System Based on Bayesian Attack Graph [J]. Computer and Modernization, 2024, 0(07): 93-99.
[3]	WANG Dongyue, LIU Hao. Multi-agent Genetic Algorithm Based Cloud Platform Anti-fake Data Injection Attack Method [J]. Computer and Modernization, 2024, 0(04): 21-26.
[4]	YOU Jiajing1, 2, HE Yueshun1, HE Linlin1, ZHONG Hailong1, 2. Encryption Traffic Classification Method Based on AHP-CNN [J]. Computer and Modernization, 2024, 0(04): 83-87.
[5]	XIAO Hang, LI Peng, MA Hui-ping, ZHU Feng, . RFID System Security Analysis Model Based on Stochastic Petri Net [J]. Computer and Modernization, 2023, 0(09): 105-114.
[6]	DAI Rui-feng. Model Construction of College Network Security System Based on SSL Virtual Technology [J]. Computer and Modernization, 2020, 0(08): 122-126.
[7]	ZHANG Yu1,2, GUO Chun1,2, SHEN Guo-wei1,2, PING Yuan3. An IDS Alerts Preprocessing Method Based on Information Entropy [J]. Computer and Modernization, 2020, 0(05): 111-.
[8]	JIANG Wan-ming1,2, GUO Chun1,2, JIANG Chao-hui1,2. A Low-rate DDoS Attack Detection Method Based on BiLSTM [J]. Computer and Modernization, 2020, 0(05): 120-.
[9]	CAO Yong-ming. A Fuzzy Keyword Search Encryption Scheme Without Secure Channel [J]. Computer and Modernization, 2020, 0(04): 42-.
[10]	WANG Yao, LI Wei, WU Ke-he, CUI Wen-chao. Application of Fusion Model of GBDT and LR in Encrypted Traffic Identification [J]. Computer and Modernization, 2020, 0(03): 93-.
[11]	QIN Lu-lu, ZHOU Li-jing, WANG Min. A Conditional Proxy Re-encryption Supporting Multi-keyword Search [J]. Computer and Modernization, 2020, 0(01): 100-.
[12]	ZHOU Li-jing, WANG Min, QIN Lu-lu . CP-ABE Scheme with Attribute Revocation Under Environment of Multi-attribute Authority [J]. Computer and Modernization, 2019, 0(11): 60-.
[13]	SONG Zi-hua1,2, GUO Chun1,2, JIANG Chao-hui1,2. A Fast Trojan Detection Method Based on Network Traffic Analysis [J]. Computer and Modernization, 2019, 0(06): 9-.
[14]	WU Dong1,2, GUO Chun1,2, SHEN Guo-wei1,2. An Alert Correlation Method Based on Multi-factors [J]. Computer and Modernization, 2019, 0(06): 30-.
[15]	ZENG Qi, HAN Xiao, CAO Yong-ming. Integrated Public Key Encryption and Public Key Encryption with Keyword Search [J]. Computer and Modernization, 2019, 0(04): 103-.