Research On Security Protocol Based On Double Sequence Encryption

Replay attack is a special attack mode that uses legitimate verification information to attack.The attacker can obtain permission by resending verification information.The existing replay attack defense schemes ensure the security of both sides of the communication to a certain extent,but the existing defense schemes have poor performance for guessing replay attack.Guessing replay attack means that the attacker can guess the verification information by intercepting the message,and form a legal message to execute replay attack by guessing the result.This new attack mode brings great challenges to protocol security,and new defense scheme is needed to resist this special replay attack.On the basis of introducing the background and significance of replay attack defense technology,this thesis summarizes and analyzes the research on replay attack defense technology at home and abroad,and points out the existing problemsIn order to solve the problem that the group authorization protocol in RFID system is vulnerable to attack,a RFID group attestation authorization protocol(Protocol by Authenticated Sequence,PAS)based on synchronization sequence and improved AE model is proposed.PAS uses the idea of zero knowledge proof to encrypt and transfer parameters,realizes synchronization sequence between reader and electronic tag,and uses random value to ensure the reliability and freshness of request,Authentication encryption(AE)model is used to transfer encryption key and key seed to ensure message synchronization.PAS protocol can resist most attacks against RFID system,and has good scalability.The security of pass parameters in PAS protocol is proved by BAN logic reasoning.In order to resist replay attack in Web environment,a BSP scheme based on double sequence function is proposed.BSP scheme based on double sequence encryption transfer security check factor method for protocol security check,using double encryption function to generate check code and verify encryption parameters,using encryption check function at both ends to transfer check code and mutual verification.Experimental results show that,compared with the anti replay attack scheme using timestamp and version number,BSP scheme can resist network delay,reduce the impact of network delay on the protocol,and has good anti replay attack ability.The defense scheme based on double sequence is aimed at the analysis of request information.The request information with large flow will consume more server resources,so it is necessary to further use intrusion detection system to filter the request information.In the existing intrusion detection system,the training data set dimension of request filtering model is too large.Therefore,this paper proposes a feature selection scheme c-fit scheme based on the idea of grouping fitting.C-fit uses the classification information of the data set to classify the data of each dimension,and uses the classification results to judge the contribution of the dimension to the classification of the data set.The effective dimensions of the data set are selected by iteration,so as to improve the classification effect of the data set.Experimental results show the effectiveness of the c-fit scheme.