采用可净化签名的OSPF协议安全保护机制

doi:10.13190/jbupt.201103.79.lidf

北京邮电大学学报 ›› 2011, Vol. 34 ›› Issue (3): 79-83.doi: 10.13190/jbupt.201103.79.lidf

采用可净化签名的OSPF协议安全保护机制

李道丰，杨义先，谷利泽，孙斌

北京邮电大学网络与信息攻防技术教育部重点实验室，北京 100876

收稿日期:2010-07-09 修回日期:2011-02-16 出版日期:2011-06-28 发布日期:2011-03-29
通讯作者: 李道丰 E-mail:daofengli74@gmail.com
基金资助:
国家重点基础研究发展计划项目（2007CB310704）；国家自然科学基金项目（90718001）

Secure Protection Mechanism for OSPF Protocol with Sinitizable Signature Scheme

Received:2010-07-09 Revised:2011-02-16 Online:2011-06-28 Published:2011-03-29
Contact: LI DaoFeng E-mail:daofengli74@gmail.com

摘要/Abstract

摘要：

为了实现对变化的Age域值的签名和验证,利用可净化签名技术提出一种新的开放式最短路径优先（OSPF）路由协议安全保护机制. 改进了可净化签名方案,结合其弱透明性的安全属性,并将其用于保护OSPF协议路由信息的安全. 分析结果表明,所提的OSPF协议安全机制能有效抵制最大年龄（MaxAge）攻击和早熟MaxAge攻击.

关键词: 开放式最短路径优先协议, 可净化签名, 最大年龄攻击, 变色龙哈希函数

Abstract:

In order to sign the vary age value and check its verification. A new secure protection mechanism for open shortest path first (OSPF) routing protocol is proposed through utilizing the sanitizable signature scheme. Enhanced sanitizable signature schemes, combines with the security property of weak transparence on the sanitizable signature algorithm,to protect the routing massage on the OSPF protocol. Security analysis shows, the proposed OSPF protocol can avoid the MaxAge attack and premature MaxAge attack.

Key words: open shortest path first protocol, sanitizable signature, MaxAge attack, Chameleon Hash function

中图分类号:

TP918

李道丰，杨义先，谷利泽，孙斌. 采用可净化签名的OSPF协议安全保护机制[J]. 北京邮电大学学报, 2011, 34(3): 79-83.

参考文献

[1] Vetter B, Wang Feiyi, Wu S F. An experimental study of insider attacks for OSPF routing protocol//ICNP 1997. Atlanta: , 1997: 293-300.
[2] Xu Shidi, Mu Yi, Susilo W. Secure AODV routing protocol using one-time signature// MSN 2005. : Springer, 2005: 288-297 .
[3] Reyzin L, Reyzin N. Better than BIBA: short one-time signatures with fast signing and verifying//ACISP’02. Melbourne: , 2002: 144-153.
[4] Micali S, Rivest R. Transitive signature schemes// CT-RSA 2002. : Springer-Verlag, 2002: 236-243.
[5] Xu Shidi. Authenticated AODV routing protocol using one-time signature and transitive signature schemes[J]. Journal of Networks, 2006, 1(1): 47-53.
[6] Perlman R. Network layer protocols with byzantine robustness. Cambridge: Massachusetts Institute of Technology, 1998.
[7] Perlman R. Interconnections: bridges and routers[M]. Boston: Addison-Wesley, 1992.
[8] Murphy S, Badger M, Wellington B. OSPF with digital signatures. (1997-07). http://www. faqs. org/rfcs/rfc2154. html.
[9] Murphy S, Badger M R. Digital signature protection of the OSPF routing protocol//SNDSS’96. Washington D C: IEEE Computer Society, 1996: 93-102.
[10] Deccio C T, Clement M, Seamons K. Securing OSPF using digital signatures and neighbor checking. (2003) . http://dna. cs. byu. edu/papers/pdf/ospf. pdf.
[11] Ateniese G, Chou D H, DeMedeiros B, et al. Sanitizable signatures//ESORICS 2005. Milan: , 2005: 159-177.
[12] Brzuska C, Fischlin M, Freudenreich T, et al. Security of sanitizable signatures revisited//PKC 2009. California: , 2009: 317-336.
[13] NIST. Digital signature standard (DSS) . (1994-11). http://csrc. nist. gov/cryptval/dss. htm.
[14] Hoffstein J, Howgrave-Graham N, Pipher J, et al. NTRUSign: digital signatures using the NTRU lattice//CT-RSA 2003. San Francisco: , 2003: 122-140. (上接第74页)
[6] Boneh D, Shen E, Waters B. Strongly unforgeable signatures based on computational Diffie-Hellman//PKC 2006. Berlin: Springer-Verlag, 2006: 229-240.
[7] Huang Qiong, Wong D S, Zhao Yiming. Generic transformation to strongly unforgeable signatures//ACNS 2007. Berlin: Springer-Verlag, 2007: 1-17.
[8] Steinfeld R, Pieprzyk J, Wang Huaxiong. How to strengthen any weakly unforgeable signature into a strongly unforgeable signature//CT-RSA 2007. Berlin: Springer-Verlag, 2007: 357-371.
[9] Teranishi I, Oyama T, Ogata W. General conversion for obtaining strongly existentially unforgeable signatures//INDOCRYPT 2006. Berlin: Springer-Verlag, 2006: 191-205.
[10] Matsuda T, Attrapadung N, Hanaoka G, et al. A CDH-based strongly unforgeable signature without collision resistant Hash function// ProvSec2007.Berlin:Springer-Verlag, 2007: 68-84.
[11] Sato C, Okamoto T, Okamoto E. Strongly unforgeable ID-based signatures without random oracles//ISPEC 2009. Berlin: Springer-Verlag, 2009: 35-46.
[12] Paterson K G, Schuldt J C N. Efficient identity-based signatures secure in the standard model//ACISP 2006. Berlin: Springer-Verlag, 2006: 207-222.
[13] 孙华,姚宣霞,刘行兵,等.标准模型下可证安全的基于身份门限签密方案[J]. 北京邮电大学学报,2010, 33(2): 11-15. Sun Hua, Yao Xuanxia, Liu Xingbing, et al. Provably secure identity-based threshold signcryption scheme in the standard model[J]. Journal of Beijing University of Posts and Telecommunications, 2010, 33(2): 11-15.

采用可净化签名的OSPF协议安全保护机制

Secure Protection Mechanism for OSPF Protocol with Sinitizable Signature Scheme

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价