一个新的RDP密码套件

doi:10.13190/jbupt.200806.50.203

北京邮电大学学报 ›› 2008, Vol. 31 ›› Issue (6): 50-53.doi: 10.13190/jbupt.200806.50.203

一个新的RDP密码套件

张华1,温巧燕1,袁征1,2

(1. 北京邮电大学网络与交换国家重点实验室, 北京 100876; 2.北京电子科技学院,北京 10070)

收稿日期:2008-01-26 修回日期:2008-09-08 出版日期:2008-12-31 发布日期:2008-12-31
通讯作者: 张华

A New Ciphersuite for Remote Desktop Protocol

ZHANG Hua1, WEN Qiao-yan1, YUAN Zheng1,2

(1. State key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing
100876, China; 2. Beijing Electronic Science and Technology Institute, Beijing 10070, China)

Received:2008-01-26 Revised:2008-09-08 Online:2008-12-31 Published:2008-12-31
Contact: Zhang Hua

摘要/Abstract

摘要：

针对远程桌面协议，提出1个新的基于口令的增强认证性的密码套件. 该密码套件利用远程桌面协议原有的口令,设计了一个增强认证的密钥协商协议,且不改变密钥计算过程. 在随机预言机模型下,给出安全性证明. 采用这个密码套件的远程桌面协议握手过程能够避免中间人攻击. 这也是有关通过新的可证明安全的密码套件提高远程桌面协议安全性的首次尝试.

关键词: 远程桌面协议, 认证, 密钥交换, 握手协议, 密码套件

Abstract:

Remote Desktop Protocol can make clients to access the remote servers, but it is vulnerable to man-in-middle attacks. A new password-based ciphersuite was proposed for the remote desktop protocol in this paper. It devised a key agreement protocol with the original password of RDP. The new ciphersuite can offer strong authentication. It doesn’t change the computation of keys. This ciphersuite is provably secure in random oracle model. The handshake of RDP that adopts this ciphersuite can avoid man-in-middle attacks. It is the first attempt at drafting provably secure key agreement ciphersuites for RDP.

Key words: Remote Desktop Protocol, Authentication, Key Exchange, Handshake Protocol, Ciphersuite

中图分类号:

TN929.53

张华1,温巧燕1,袁征1,2. 一个新的RDP密码套件[J]. 北京邮电大学学报, 2008, 31(6): 50-53.

ZHANG Hua1, WEN Qiao-yan1, YUAN Zheng1,2

. A New Ciphersuite for Remote Desktop Protocol[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2008, 31(6): 50-53.

参考文献

[1] 刁俊峰. 软件安全中的若干关键技术研究. 北京: 北京邮电大学, 2007: 41-55. Diao Jun-feng. Research on some key technologies of software security. Beijing: Beijing University of Posts and Telecommunications, 2007: 41-55.
[2] 袁征, 温巧燕, 陈瑞利, 等. ID口令进化的Ad Hoc网络会话密钥方案[J]. 北京邮电大学学报, 2007, 30(5): 82-85. Yuan Zheng, Wen Qiaoyan, Chen Ruili, et al. Conversation keys scheme bases ID and evolved passwords in Ad hoc network[J]. Journal of Beijing University of Posts and Telecommunications, 2007, 30(5): 82-85.
[3] Microsoft. Remote desktop protocol (RDP) features and performance white paper. . http://whitepapers.zdnet.co.uk/0,100000065 1,260006500p-39000438q,00.html.
[4] Zhou Lan, Susilo W, Mu Y. Efficient ID-based authenticated group key agreement from bilinear pairings//MSN 2006. Berlin: Springer-LNCS, 2006: 521-532.
[5] Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks//EUROCRYPT 2000. Berlin: Springer-LNCS, 2000: 139-154.
[6] Bresson E, Chevassut O, Pointcheval D. Cryptography for secure dynamic group communication: US,20050157874. 2004-11-30. http:// www.freepatentsonline.com/US20050157874.html.
[7] Bellovin S M, Merritt M. Cryptographic protocol for secure communications: US,5241599. 1993-8-31. http://www.freepatentsonline.com/US5241599.html.
[8] Bellovin S M, Merritt M. A cryptographic protocol for secure communications: European 05 35863B1. 2002-01-23. http://www.free patentsonline.com/EP0535863B1.html.
[9] Jablon D. Cryptographic methods for remote authentication: US,6226383. 2001-05-01. http://www.freepatentsonline.com/US6226383.html.
[10] Wu Thomas J. System and method for securely logging onto a remotely located computer: US,653 9479. 2003-03-25. http://www.freepatentsonline.com/US6539479.html.

[1]	吴玄姬伟峰翁江李映岐申秀雨. 面向网络切片的无证书切换认证与密钥协商协议[J]. 北京邮电大学学报, 2023, 46(4): 103-108.
[2]	彭维平, 韩宁, 宋成. 边缘计算环境下无证书车联网身份认证方案[J]. 北京邮电大学学报, 2022, 45(1): 46-51.
[3]	易茜, 黎伟, 易树平, 谢俊东. 基于鼠标行为时频联合分析的用户可信认证[J]. 北京邮电大学学报, 2021, 44(4): 121-128.
[4]	薛建彬, 白子梅. 边缘计算中移动终端安全高效认证协议[J]. 北京邮电大学学报, 2021, 44(1): 110-116.
[5]	李涛, 张静, 杨皓. 一种车载网隐私保护方案的分析与改进[J]. 北京邮电大学学报, 2020, 43(1): 104-110.
[6]	王任重, 陶丹. 基于上下文感知的智能手机隐式身份认证机制[J]. 北京邮电大学学报, 2019, 42(6): 118-125.
[7]	宋成, 顾心安, 王磊, 刘志中, 闫玺玺. 基于身份的车载网批量匿名认证方案研究[J]. 北京邮电大学学报, 2019, 42(5): 69-74.
[8]	肖剑, 李文江, 耿洪杨, 翟英博. 车联网中可抵抗DoS攻击的RFID安全认证协议[J]. 北京邮电大学学报, 2019, 42(2): 114-119.
[9]	张俊松, 张启坤, 甘勇, 孟颍辉. 适用于无线医疗传感网的身份认证协议[J]. 北京邮电大学学报, 2018, 41(4): 104-109.
[10]	石乐义, 崔玉文, 付文静, 陈鸿龙. 一种分簇无线传感网轻量级匿名认证及密钥协商方案[J]. 北京邮电大学学报, 2018, 41(2): 21-26.
[11]	姚苏, 关建峰, 潘华, 张宏科. 身份与位置分离网络中的可证明三元认证接入协议[J]. 北京邮电大学学报, 2017, 40(s1): 58-62.
[12]	马李翠, 黎妹红, 吴倩倩, 杜晔. 智能电网通信中动态密钥加密方法的研究与改进[J]. 北京邮电大学学报, 2017, 40(4): 74-79.
[13]	刘宴兵, 宋秀丽, 肖永刚. 车联网认证机制和信任模型[J]. 北京邮电大学学报, 2017, 40(3): 1-18.
[14]	宋成, 张明月, 彭维平, 贾宗璞, 刘志中. 基于安全多方计算的车载网隐私保护机制[J]. 北京邮电大学学报, 2017, 40(3): 67-71.
[15]	张秋余, 省鹏飞, 黄羿博, 董瑞洪, 杨仲平. 多格式音频感知哈希算法[J]. 北京邮电大学学报, 2016, 39(4): 77-82.

一个新的RDP密码套件

A New Ciphersuite for Remote Desktop Protocol

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价