...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Future generation computer systems >SDD: A trusted display of FID02 transaction confirmation without trusted execution environment
【24h】

SDD: A trusted display of FID02 transaction confirmation without trusted execution environment

机译:SDD:无值得可信执行环境的FID02事务确认的可信显示

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The FIDO2 protocol allows users to perform online authentication by setting a public key and avoids the shortcomings of the traditional password authentication mechanism in terms of security. During transaction confirmation with the FIDO2 protocol, users must confirm the transaction message and then sign this message using a cryptographic signature scheme. However, it is a challenge to show that transaction messages are correct or trusted in practice. No available authenticator that supports the FIDO2 protocol uses trusted display hardware to guarantee the correctness of transaction messages. This paper proposes a trusted display of transaction messages by developing a lightweight and trusted base on hardware without a trusted execution environment (TEE). The proposed trusted display is easily applied in the FIDO2 protocol and resists four types of well-known attacks, such as malicious process tampering with display and occupying an authenticator. The experimental results indicate that the improved FIDO2 protocol slightly increases the processing overhead compared to the traditional protocol.
机译:Fido2协议允许用户通过设置公钥来执行在线身份验证,并避免在安全性方面避免传统密码认证机制的缺点。在使用FIDO2协议的事务确认期间,用户必须确认事务消息,然后使用加密签名方案签署此消息。但是,显示交易消息在实践中是正确或信任的挑战是一项挑战。没有可用支持FIDO2协议的验证器使用可信显示硬件来保证交易消息的正确性。本文通过在没有可信执行环境(TEE)的硬件上开发硬质值和可信基地(TEE),提出了可信赖的交易消息显示。所提出的可信显示器很容易应用于FIDO2协议,并抵制四种类型的众所周知的攻击,例如使用显示和占用身份验证器的恶意过程。实验结果表明,与传统协议相比,改进的FIDO2协议略微增加了处理开销。

著录项

  • 来源
    《Future generation computer systems》 |2021年第12期|32-40|共9页
  • 作者

    Peng Xu; Ruijie Sun; Wei Wang; Tianyang Chen; Yubo Zheng; Hai Jin;

  • 作者单位

    National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab and Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan Hubei 430074 China;

    National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab and Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan Hubei 430074 China;

    Cyber-Physical-Social Systems Lab School of Computer Science and Technology Huazhong University of Science and Technology Wuhan Hubei 430074 China;

    National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab and Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan Hubei 430074 China;

    National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab and Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan Hubei 430074 China;

    National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab and Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan Hubei 430074 China;

  • 收录信息 美国《科学引文索引》(SCI);美国《工程索引》(EI);
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    FIDO2 protocol; Authentication; Transaction confirmation; Secure display;

    机译:Fido2协议;验证;交易确认;安全显示;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号