Foiling Active Network Impersonisation Attacks Made in Collusion with an Insider
暂无分享,去创建一个
This paper examines the problems of transmission in a network with links subject to attack by a wire tapper who seeks to create bogus messages to deceive a recipient by impersonation of another. Many cryptographic solutions have been proposed which assume the attacker is acting in isolation without knowledge of secret keys. These solutions fail if the attacker obtains private key information. Most computer crimes involve a person inside the enterprise, so these proposals do not cover the most perilous scenarios. If the wire tapper is in collusion with an insider at the impersonated enterprise, and thereby learns the private key, conventional defences will fail. In this paper, a paradigm is described whereby, even if the wire tapper is in collusion with one insider at each of the innocent network parties and each insider is able to insert, delete, modify messages, and divulge secret keys, any attempted deception will be detected.
[1] Gustavus J. Simmons,et al. An Impersonation-Proof Identity Verfication Scheme , 1987, CRYPTO.
[2] Thomas Y. C. Woo,et al. Authentication for distributed systems , 1997, Computer.
[3] W. Caelli,et al. Information Security Handbook , 1991 .
[4] A. D. Wyner,et al. The wire-tap channel , 1975, The Bell System Technical Journal.
[5] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.