基于改进的Diameter/EAP-MD5的SWIM认证方法

doi:10.3969/j.issn.1000-436x.2014.08.001

Abstract

Abstract:

System wide information management (SWIM) provides the civil aviation information exchange and data sharing function by using service-oriented architecture (SOA). Based on the analysis of SWIM architecture and the sub-protocol EAP-MD5 of Diameter, the security vulnerable of authenticating process in standard Diameter/EAP-MD5 is explored, the EAP-MD5 authentication protocol is improved, and the SWIM authentication service based on Diameter is studied, then the SWIM authentication method based on improved Diameter/EAP-MD5 protocol is proposed. Experi-ments on the security of SWIM authentication service based on Diameter are performed in SWIM simulation environ-ment, results show that the improved Diameter/EAP-MD5 authentication method can enhance the security of SWIM au-thentication and guarantee SWIM security service.

Key words: system wide information management (SWIM), Diameter protocol, extensible authentication protocol (EAP), message-digest (MD) algorithm, identity authentication

Zhi-jun WU,Ting ZHAO,Jin LEI. Authentication method in SWIM based on improved Diameter/EAP-MD5[J]. Journal on Communications, 2014, 35(8): 1-7.

Figures/Tables 6

抽样次数	标准认证	改进16 bit(AES128)	改进32 bit(AES128)	改进16 bit(AES256)
1	180.437	199.375	204.118	213.845
2	178.890	194.373	189.565	201.769
3	194.919	206.586	205.274	198.468
4	179.316	201.468	196.479	207.820
$⋮$	$⋮$	$⋮$	$⋮$	$⋮$
97	187.062	197.349	197.017	221.385
98	179.331	215.821	189.288	197.154
99	174.047	195.467	212.526	214.528
100	186.250	198.694	201.365	202.273
平均值	184.35	200.63	203.13	208.69

References 15

[1]	DARIO D C , ANTONIO S , GEORG T . SWIM- a next generation ATM information bus-the SWIM-SUIT prototype[A]. 2010 14th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW)[C]. 2010.41-46.
[2]	吕小平，齐鸣 . 浅谈SWIM[J]. 民航管理， 2009,(5): 68-69. LV X P , QI M . A brief discussion of SWIM[J]. Civil Aviation Man-agement, 2009,(5): 68-69.
[3]	BOB S . Security architecture for system wide information manage-ment[J]. The 24th 2005 Digital Avionics Systems Conference (DASC 2005)[C]. 2005.
[4]	BOB S . System-wide information management (SWIM) demonstra-tion security architecture[J]. 2006 IEEE/AIAA 25th Digital Avionics Systems Conference[C]. 2006.1-12.
[5]	Federal Aviation Administration. System Wide Information Manage-ment (SWIM) eXtensible Markup Language (XML) Gateway Re-quirements[S]. 2009.
[6]	International Civil Aviation Organization. Web service security stan-dards[A]. Aeronautical Telecommunication Network Implementation Coordination Group-Eighth Working Group Meeting[C]. Christchurch New Zealand, 2010.
[7]	邱锡鹏，刘海鹏 . Diameter 协议研究[J]. 计算机科学， 2013,30(2): 75-78. QIU X P , LIU H P . Research on diameter protocols[J]. Computer Sci-ence, 2013,30(2): 75-78.
[8]	IETF RFC3588. Diameter Base Protocol[S]. 2003.
[9]	IETF RFC3748. Extensible Authentication Protocol(EAP)[S]. 2004.
[10]	IETF RFC 4072, Diameter Extensible Authentication Protocol(EAP) Application[S]. 2005.
[11]	陈凤其，姚国祥 . 一种基于Hash函数的EAP认证协议[J]. 计算机系统应用， 2010,19(6): 74-77. CHEN F Q , YAO G X . A hash-based EAP authentication protocl[J]. Computer Systems ＆ Applications, 2010,19(6): 74-77.
[12]	陈世伟，金晨辉 . MD5碰撞攻击中的充要条件集[J]. 软件学报， 2009,20(6): 1617-1624. CHEN S W , JIN C H . Set of necessary and sufficient conditions in collision attacks on MD5[J]. Journal of Software, 2009,20(6): 1617-1624.
[13]	赵志新，祝跃飞，梁立明 . 无线局域网隧道认证协议 PEAP 的分析与改进[J]. 信息工程大学学报， 2005,6(3): 52-55. ZHAO Z X , ZHU Y F , LIANG L M The analysis and mend of PEAP protocol in WLAN[J]. Journal of Information Engineering University, 2005,6(3): 52-55.
[14]	吉晓东 . 支持身份隐藏的EAP-PSK协议改进[J]. 南通大学学报(自然科学版), 2007,6(2): 74-77. JI X D Improvement of EAP-PSK protocol enabling identity pri-vacy[J]. Journal of Nantong University (Natural Science), 2007,6(2): 74-77.
[15]	王志中 . MD5算法在口令认证中的安全性改进[J]. 电脑知识与技术， 2012,8(2): 296-297. WANG Z Z Security improvement of MD5 algorithm in password authentication[J]. JComputer Knowledge and Technology, 2012,8(2): 296-297.

Metrics

Recommended 0

No Suggested Reading articles found!

Authentication method in SWIM based on improved Diameter/EAP-MD5

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 6

References 15

Related Articles 12

Metrics

Recommended 0

[1]	Houzhen WANG, Xinwei CAI, Yan GUO, Huanguo ZHANG. 5-pass zero-knowledge identity authentication scheme based on matrix completion problem [J]. Journal on Communications, 2021, 42(11): 79-86.
[2]	Liehuang ZHU,Long WANG,Jiasheng LI,Chuan ZHANG,Weihua YUAN. New entity authentication and access control scheme in satellite communication network [J]. Journal on Communications, 2018, 39(6): 73-80.
[3]	Sen ZHAO,Qingqing GAN,Xiaoming WANG,Fang YU. Authentication scheme for multi-cloud environment based on smart card [J]. Journal on Communications, 2018, 39(4): 131-138.
[4]	Wei-guo SHEN,Wei WANG. Keystroke features recognition based on stable linear discriminant analysis [J]. Journal on Communications, 2017, 38(Z2): 26-29.
[5]	Ying-di DONG,Jin-ye PENG,Xiao-bo ZHANG,Zhen-long ZHANG. Quantum identity authentication scheme based on measurement-device-independent quantum key distribution protocol [J]. Journal on Communications, 2016, 37(2): 152-157.
[6]	. Authentication method in SWIM based on improved Diameter/EAP-MD5 [J]. Journal on Communications, 2014, 35(8): 1-7.
[7]	. Rational analysis of authentication protocols based on NGUYEN L H scheme [J]. Journal on Communications, 2013, 34(8): 3-26.
[8]	Xing-hua LI,Ling-juan DENG,Yuan ZHANG,Jian-feng MA. Rational analysis of authentication protocols based on NGUYEN L H scheme [J]. Journal on Communications, 2013, 34(8): 18-26.
[9]	Zhen-peng LIU,Feng-long WU,Kai-yu SHANG,Wen-lei CHAI,Xiao WANG. Mutual authentication scheme based on the TPM cloud computing platform [J]. Journal on Communications, 2012, 33(Z2): 20-24.
[10]	Chun-guang MA,Jiu-ru WANG,Xiao-rui ZHONG,Hua ZHANG. One-way accumulator-based key management protocol for wireless sensor networks [J]. Journal on Communications, 2011, 32(11A): 184-189.
[11]	Chao SHEN,Zhong-min CAI,Xiao-hong GUAN,Chao FANG,You-tian DU. User authentication and monitoring based on mouse behavioral features [J]. Journal on Communications, 2010, 31(7): 68-75.
[12]	Hong ZHANG. Research on smart authentication authorization and accounting in next generation network [J]. Journal on Communications, 2006, 27(2): 95-99.