scispace - formally typeset
Search or ask a question

Showing papers on "Handshake published in 2018"


Journal ArticleDOI
TL;DR: An efficient Cross-Domain HandShake (CDHS) scheme is constructed that allows symptoms-matching within MHSNs and proves the security of the scheme, and a comparative summary demonstrates that the proposed CDHS scheme requires fewer computation and lower communication costs.
Abstract: With rapid developments of sensor, wireless and mobile communication technologies, Mobile Healthcare Social Networks (MHSNs) have emerged as a popular means of communication in healthcare services. Within MHSNs, patients can use their mobile devices to securely share their experiences, broaden their understanding of the illness or symptoms, form a supportive network, and transmit information (e.g., state of health and new symptoms) between users and other stake holders (e.g., medical center). Despite the benefits afforded by MHSNs, there are underlying security and privacy issues (e.g., due to the transmission of messages via a wireless channel). The handshake scheme is an important cryptographic mechanism, which can provide secure communication in MHSNs (e.g., anonymity and mutual authentication between users, such as patients). In this paper, we present a new framework for the handshake scheme in MHSNs, which is based on hierarchical identity-based cryptography. We then construct an efficient Cross-Domain HandShake (CDHS) scheme that allows symptoms-matching within MHSNs. For example, using the proposed CDHS scheme, two patients registered with different healthcare centers can achieve mutual authentication and generate a session key for future secure communications. We then prove the security of the scheme, and a comparative summary demonstrates that the proposed CDHS scheme requires fewer computation and lower communication costs. We also implement the proposed CDHS scheme and three related schemes in a proof of concept Android app to demonstrate utility of the scheme. Findings from the evaluations demonstrate that the proposed CDHS scheme achieves a reduction of 18.14 and 5.41 percent in computation cost and communication cost, in comparison to three other related handshake schemes.

118 citations


Proceedings ArticleDOI
02 Jul 2018
TL;DR: The results indicate that the proposed PUF based authentication saves up to 45% power and uses 12% less memory compared to DTLS handshake authentication.
Abstract: Conventional cryptographic solutions to the security are expensive in terms of computing resources (memory and processing capacity) and power consumption. They are not suitable for the Internet of Things devices that have constrained resources. In this regard, physically unclonable functions (PUFs) have become an increasingly popular technology for building secure authentication in these systems. In this paper, we propose lightweight PUF-based authentication protocol. This was implemented on a wireless sensor network constructed using the resource-limited IoT devices: Zolertia Zoul re-mote. The functionality of the proposed scheme was verified using a server-client configuration. Then power consumption and memory utilisation of the proposed protocol were estimated and compared with the existing solutions, namely: DTLS (datagram transport layer security) handshake protocol and UDP (user datagram protocol). Our results indicate that the proposed PUF based authentication saves up to 45% power and uses 12% less memory compared to DTLS handshake authentication.

48 citations


Proceedings ArticleDOI
15 Oct 2018
TL;DR: It is concluded that preventing key reinstallations is harder than expected, and believe that (formally) modeling 802.11 would help to better secure both implementations and the standard itself.
Abstract: We improve key reinstallation attacks (KRACKs) against 802.11 by generalizing known attacks, systematically analyzing all handshakes, bypassing 802.11's official countermeasure, auditing (flawed) patches, and enhancing attacks using implementation-specific bugs. Last year it was shown that several handshakes in the 802.11 standard were vulnerable to key reinstallation attacks. These attacks manipulate handshake messages to reinstall an already-in-use key, leading to both nonce reuse and replay attacks. We extend this work in several directions. First, we generalize attacks against the 4-way handshake so they no longer rely on hard-to-win race conditions, and we employ a more practical method to obtain the required man-in-the-middle (MitM) position. Second, we systematically investigate the 802.11 standard for key reinstallation vulnerabilities, and show that the Fast Initial Link Setup (FILS) and Tunneled direct-link setup PeerKey (TPK) handshakes are also vulnerable to key reinstallations. These handshakes increase roaming speed, and enable direct connectivity between clients, respectively. Third, we abuse Wireless Network Management (WNM) power-save features to trigger reinstallations of the group key. Moreover, we bypass (and improve) the official countermeasure of 802.11. In particular, group key reinstallations were still possible by combining EAPOL-Key and WNM-Sleep frames. We also found implementation-specific flaws that facilitate key reinstallations. For example, some devices reuse the ANonce and SNonce in the 4-way handshake, accept replayed message 4's, or improperly install the group key. We conclude that preventing key reinstallations is harder than expected, and believe that (formally) modeling 802.11 would help to better secure both implementations and the standard itself.

37 citations


Book ChapterDOI
03 Sep 2018
TL;DR: A tool is developed that uses the state machine learning method to apply this to 7 widely used Wi-Fi routers, finding 3 new security critical vulnerabilities: two distinct downgrade attacks and one router that can be made to leak some encrypted data to an attacker before authentication.
Abstract: We show how state machine learning can be extended to handle time out behaviour and unreliable communication mediums. This enables us to carry out the first fully automated analysis of 802.11 4-Way Handshake implementations. We develop a tool that uses our learning method and apply this to 7 widely used Wi-Fi routers, finding 3 new security critical vulnerabilities: two distinct downgrade attacks and one router that can be made to leak some encrypted data to an attacker before authentication.

32 citations


Journal ArticleDOI
TL;DR: An improved ECDH-based handshake protocol is designed for the SDF wireless updating scheme, namely, the unbalanced OpenFunction handshake protocol, which is much lightweight than the TLS handshake protocol and SSL handshake protocol.
Abstract: Wireless updating is an essential method to update system files or fix bugs in Internet of Things (IoT) devices. A significant and challenging problem in wireless updating is security. First, without security guarantees, attackers can utilize the updating procedure to install harmful programs into the victim devices. Second, it is challenging to provide security for wireless updating, since in many IoT scenarios, the devices to be updated are computationally limited devices and located far from the center that issues update files. Currently, there are two types of solution to protect the wireless updating. The first one is the transport layer security (TLS) protocol or secure sockets layer (SSL) protocol that are used by wireless updating schemes for mobile terminals with the following operation systems: Windows, Debian, Android, and iOS. Another solution is the elliptic curve Diffie–Hellman (ECDH)-based handshake in the software-defined function (SDF) wireless updating scheme for the IoT devices. However, both the two solutions require equal computation tasks on the update file issuing center and the device to be updated. Normally, the former is much powerful than the latter. Therefore, to further address the security problem in wireless updating, we propose a novel solution with unbalanced computation costs on the two parties. In particular, we design an improved ECDH-based handshake protocol for the SDF wireless updating scheme, namely, the unbalanced OpenFunction handshake protocol. The protocol transfers significant computation task from the limited IoT device to the powerful center. The security of the protocol is analyzed. A prototype is realized to test the performance of the protocol. The experiment results show that in the same experimental platform, our protocol is much lightweight than the TLS handshake protocol and SSL handshake protocol.

16 citations


Book
01 Mar 2018
TL;DR: In this article, the future of consumer protection and online dispute resolution is discussed and ebooks for every single topic are available for download for a cost-free price, including the digital version of the Jean Campbell eBook.
Abstract: Are you looking to uncover the new handshake online dispute resolution and the future of consumer protection Digitalbook. Correct here it is possible to locate as well as download the new handshake online dispute resolution and the future of consumer protection Book. We've got ebooks for every single topic the new handshake online dispute resolution and the future of consumer protection accessible for download cost-free. Search the site also as find Jean Campbell eBook in layout. We also have a fantastic collection of information connected to this Digitalbook for you. As well because the best part is you could assessment as well as download for the new handshake online dispute resolution and the future of consumer protection eBook

15 citations


Proceedings ArticleDOI
01 Oct 2018
TL;DR: The results show that a handshake increases the perception of Warmth, Animacy, Likeability, and the tendency to help the robot more, by removing the obstacle.
Abstract: In this paper, we study the influence of a handshake in the human emotional bond to a robot. In particular, we evaluate the human willingness to help a robot whether the robot first introduces itself to the human with or without a handshake. In the tested paradigm the robot and the human have to perform a joint task, but at a certain stage, the robot needs help to navigate through an obstacle. Without requesting explicit help from the human, the robot performs some attempts to navigate through the obstacle, suggesting to the human that it requires help. In a study with 45 participants, we measure the human's perceptions of the social robot Vizzy, comparing the handshake vs non-handshake conditions. In addition, we evaluate the influence of a handshake in the pro-social behaviour of helping it and the willingness to help it in the future. The results show that a handshake increases the perception of Warmth, Animacy, Likeability, and the tendency to help the robot more, by removing the obstacle.

14 citations


Journal ArticleDOI
TL;DR: An elliptic curve public key cryptography concept is applied to the proposed scheme to keep the key safe and provides more security level, 192 bits or 256 bits, compared with the conventional WPA2-PSK-based public Wi-Fi networks.
Abstract: This paper proposes a secure key exchange scheme for Wi-Fi protected access II pre-shared key (WPA2-PSK)-based public Wi-Fi networks. The existing public Wi-Fi networks have several vulnerabilities, which are caused by eavesdropping stations in the same network. The main problem is that all stations in the same network have the same pre-shared key after the association. The attackers can derive an encryption key by eavesdropping on the four-way handshake procedure. Thus, we apply an elliptic curve public key cryptography concept to the proposed scheme to keep the key safe. In the proposed scheme, only an access point (AP) has its public key and private key pair. The proposed scheme solves the problem by exchanging a secondary key that each user determines or generated in the station during the authentication procedure. In the proposed scheme, the secondary key is encrypted by a station before it is transmitted to the AP. The AP can only decrypt the encrypted authentication message using its private key. By using the secondary key, each user can generate a unique pre-shared key and other following keys, which are derived from the four-way handshake procedure. Therefore, the exchange of the secondary key can defend against attacks from the malicious station in the same network. The safety of the proposed scheme is analyzed by several attack scenarios defined in this paper. Consequently, the proposed scheme provides more security level, 192 bits or 256 bits, compared with the conventional WPA2-PSK-based public Wi-Fi networks.

12 citations


Journal ArticleDOI
TL;DR: The formal definition and security model of ABH protocol is provided with a specific construction proving its security in the standard model, and how to deploy the protocol in the mobile healthcare social network is introduced.

11 citations


Journal ArticleDOI
TL;DR: In this article, the authors take a year-long look at how a weekly whole class greeting ritual, a Class Handshake, serves as a socio-epistemic-embodied-community building practice.
Abstract: Collaborative social practices that people participate in to coauthor, or co-create, support, and sustain, a classroom community are challenging to research and represent because they are fluid and emergent, and interdependent and cumulative, as they develop across time and space, across experiences and relations. In this article, we take a year-long look at how a weekly whole class greeting ritual, a Class Handshake, serves as a socio-epistemic-embodied-community building practice. We provide a rich description of the dialogic what and how of the Class Handshake ritual, and articulate connections between the Class Handshake and other classroom values and practices. We explore ways this collaborative social practice enacted values and relations that anchored a dialogic teaching and learning stance in this classroom community. We find that the Class Handshake functions like a “polyphonic web,” manifesting and perpetuating a sense of “We”-ness of this classroom community of practice. This study adds...

11 citations


Journal ArticleDOI
24 Feb 2018
TL;DR: The results of the study showed that the use of the handshake context can help students to understand of the Combination concept.
Abstract: This research used design research. It was constructing a learning trajectory through handshake context to help students’ understanding of the Combination concept. This research used PMRI approach. The participants of the research were the students of 10 th class SMA Negeri 15 Palembang. For retrospective analysis, the data were collected from a teaching experiment in form of student’s work, field notes, and interviews. The obtained data is a learning trajectory which is consists of 1) students do a role-play scene of the handshake activity; this activity supports students’ understanding that A do handshake with B is the same with B do handshake with A, which it indicates order does not matter in Combination. 2) students utilize their knowledge about factorial forms to analyze the general pattern of the Combination. 3) students solve problems related to the Combination concept to help them think about how to solve the similar problems in the daily life. The results of the study showed that the use of the handshake context can help students to understand of the Combination concept.

Book ChapterDOI
25 Sep 2018
TL;DR: This paper proposes the first generic framework that converts any secret handshake protocols into fully deniable ones, and defines two formal security models, including session key security and deniability for the proposed framework.
Abstract: Secret handshake is a useful primitive that allows a group of authorized users to establish a shared secret key and authenticate each other anonymously It naturally provides a certain degree of user privacy and deniability which are also desirable for some private conversations that require secure key establishment The inherent user privacy enables a private conversation between authorized users without revealing their real identities While deniability allows authorized users to later deny their participating in conversations However, deniability of secret handshakes lacks a comprehensive treatment in the literature In this paper, we investigate the deniability of existing secret handshakes We propose the first generic framework that converts any secret handshake protocols into fully deniable ones In particular, we define two formal security models, including session key security and deniability for our proposed framework

Patent
12 Jul 2018
TL;DR: In this paper, the authors propose a multi-system trust chain between a client system and a remote system in a secure connection, wherein an intermediary system associated with the network flow path serves as a signing entity to establish an end to end transitive trust.
Abstract: The method provides a multi system trust chain between a client system and a remote system in a secure connection, wherein an intermediary system associated with the network flow path serves as a signing entity to establish an end to end transitive trust. The intermediate system is a corroborative entity in the operations technology (OT) realm of the client system. The remote system serves as the host for a plurality of services in the information technology (IT) realm. A two way handshake during the initial secure exchange protocol between a local client application and a remote service is extended to a three way handshake that includes a nonce issued by the remote service on the remote system and a digital signature for the nonce issued by a signature service on an associated intermediate system. The nonce signature is verified authoritatively at the remote system based on the signing certificate of the intermediate system for explicit proof of association.

Patent
25 Dec 2018
TL;DR: In this paper, a client access method, a device, a terminal and a storage medium are provided, which comprises the following steps of establishing connection among servers, initiating a handshake request with the server; after the handshake request is successful, a service data request is sent and a heartbeat packet is sent out at regular intervals to maintain a long connection in a multiplexing mode with the Server.
Abstract: The invention provides a client access method, a device, a terminal and a storage medium. The method comprises the following steps of establishing connection among servers,initiating a handshake request with the server; after the handshake request is successful, a service data request is sent and a heartbeat packet is sent out at regular intervals to maintain a long connection in a multiplexing mode with the server. Based on the client access method provided in the technical scheme of the specification, the client can access the back-end server more quickly, stably and safely, thus improving the connection success rate and the network transmission speed, reducing the traffic consumption, reducing the catton phenomenon, and improving the user experience.

Proceedings ArticleDOI
01 Oct 2018
TL;DR: A RSA-based handshake protocol which implements a secure communication interface in the network layer and indicates that this protocol costs substantial time to process with RSA.
Abstract: Potential security vulnerabilities exist in network layer under the environment of Internet of Things(IoT). Attacks could jeopardize the commutation between devices if an encryption algorithm is not applied. In order to address this issue, we design a RSA-based handshake protocol which implements a secure communication interface in the network layer. In such case, both the controller and device can verify the other’s identity and a new session key is generated for subsequent communication. However, several experiments indicate that this protocol costs substantial time to process with RSA. The evaluation results show that several improvements should be completed in the algorithm.

Journal ArticleDOI
TL;DR: The role of interpersonal touch has been studied in communication fields, demonstrating a handshake or other form of appropriate interpersonal touch (AIT) has rendered favorable results in rapport in this paper.
Abstract: The role of interpersonal touch has been studied in communication fields, demonstrating a handshake or other form of appropriate interpersonal touch (AIT) has rendered favorable results in rapport ...

Proceedings ArticleDOI
01 Dec 2018
TL;DR: The IDM (Intelligent De Authentication Method) is proposed in capturing the real street encrypted packets for the cryptanalysis, and the method is semi-automatic which can decide the length and strength of the Deauthentication by the situations on the scene.
Abstract: The development of Wi-Fi application is on its high leap in various aspects, and its security can't be ignored by the kinds of attack methods. The best way to take control of the AP (Access Point) is get the password, which is easier to crack it by the more and more powerful GPU. The first step for the password is get the encrypted packets-the four ways handshake packets, and there is no specific description in how to take it efficiently. We proposed the IDM (Intelligent Deauthentication Method) in capturing the real street encrypted packets for the cryptanalysis, and the method is semi-automatic which can decide the length and strength of the Deauthentication by the situations on the scene.

Journal ArticleDOI
TL;DR: This paper has as main objective to minimize damages and preventing the attackers from exploiting weaknesses and vulnerabilities in the 4 ways handshake (WIFI) to address cyber crime and homeland security.
Abstract: The growing volume of attacks on the Internet has increased the demand for more robust systems and sophisticated tools for vulnerability analysis, intrusion detection, forensic investigations, and possible responses. Current hacker tools and technologies warrant reengineering to address cyber crime and homeland security. The being aware of the flaws on a network is necessary to secure the information infrastructure by gathering network topology, intelligence, internal/external vulnerability analysis, and penetration testing. This paper has as main objective to minimize damages and preventing the attackers from exploiting weaknesses and vulnerabilities in the 4 ways handshake (WIFI).

Journal ArticleDOI
TL;DR: Secure Device Pairing (SDP) as discussed by the authors is a novel pairing mechanism, which allows users to use smart watches to detect the handshake between users, and use the shaking information to create security keys that are highly random.

Patent
03 May 2018
TL;DR: In this article, a power charging session is authorized by firmware of the UE for charging the UE using a cryptographic handshake between the UE and a power station, and the UE is charged using a power charger.
Abstract: Embodiments for using power charge management authorization for a user equipment (UE) by a processor. A power charging session is authorized by firmware of the UE for charging the UE using a cryptographic handshake between the UE and a power charging station.

Journal ArticleDOI
TL;DR: An overlay network is described that allows a massive number of M2M devices to coexist with H2H traffic and access the network without going through the full LTE handshake and the results confirm the validity of this approach for applications in crowd sensing, monitoring and others utilized in smart city development.
Abstract: Long-Term Evolution (LTE) and its improvement, Long-Term Evolution-Advanced (LTE-A), are attractive choices for Machine-to-Machine (M2M) communication due to their ubiquitous coverage and high bandwidth. However, the focus of LTE design was high performance connection-based communications between human-operated devices (also known as human-to-human, or H2H traffic), which was initially established over the Physical Random Access Channel (PRACH). On the other hand, M2M traffic is mostly based on contention-based transmission of short messages and does not need connection establishment. As a result, M2M traffic transmitted over LTE PRACH has to use the inefficient four-way handshake and compete for resources with H2H traffic. When a large number of M2M devices attempts to access the PRACH, an outage condition may occur; furthermore, traffic prioritization is regulated only through age-based power ramping, which drives the network even faster towards the outage condition. In this article, we describe an overlay network that allows a massive number of M2M devices to coexist with H2H traffic and access the network without going through the full LTE handshake. The overlay network is patterned after IEEE 802.15.6 to support multiple priority classes of M2M traffic. We analyse the performance of the joint M2M and H2H system and investigate the trade-offs needed to keep satisfactory performance and reliability for M2M traffic in the presence of H2H traffic of known intensity. Our results confirm the validity of this approach for applications in crowd sensing, monitoring and others utilized in smart city development.

Patent
26 Jan 2018
TL;DR: In this article, a computer test system and method is presented, where a client receives answer information and personal information transmitted by a server, carries out parameter estimation operation on personal ability of the anther tested person and transmits the operation result to the server is the process of communication between the client and the server.
Abstract: The invention provides a computer test system and method. The process where a client receives answer information and personal information of anther tested person transmitted by a server, carries out parameter estimation operation on personal ability of the anther tested person and transmits the operation result to the server is the process of communication between the client and the server. The way of communication between the client and the server comprises the following steps: the client and the server realize communication connection through an internet; the client establishes communicationconnection based on a handshake protocol with a PC in the internet; and the PC establishes communication connection based on the handshake protocol with a plurality of servers, thereby effectively reducing the defects that the information missing probability is large, the communication mode between the client and the server cannot realize communication timeliness and correctness performance, refrigeration performance is not good, architecture is complex and diversion effect is poor in the prior art.

Patent
28 Jun 2018
TL;DR: In this article, the authors propose a method to assign a channel to a particular node of one or more nodes of a fault-tolerant group by exchanging handshake information between the assigned channel and channels assigned to other nodes of the group.
Abstract: In an embodiment, a method includes assigning, based on a switch module of a particular node of one or more nodes of a fault-tolerant group, a channel to the particular node. The method further includes determining a number of nodes in the fault-tolerant group by exchanging handshake information between the channel assigned to the particular node and channels assigned to other nodes of the fault-tolerant group. The method further includes initializing the fault-tolerant group with the determined number of nodes based on the exchanged handshake information.

Proceedings ArticleDOI
01 Nov 2018
TL;DR: This paper creates secure SSL protocol with zero-knowledge proof which proposed an intruder should not be able to substitute false certificates and masquerade as client or sever.
Abstract: In this paper, we create secure SSL protocol with zero-knowledge proof which proposed an intruder should not be able to substitute false certificates and masquerade as client or sever. We add Zero-Knowledge proof where certificate transfer directly into both parties. The new scheme was shown to be more secure against the known attacks for SSL. This protocol has characteristics which have identification and authentication of both parties when use to SSL handshake protocol.

Journal Article
TL;DR: The objective of the work is to present a solution which allows individual to keep watch on WLAN based on data packets collected over the network and evaluating its behavior.
Abstract: With Cyber-attacks and cyber-threats are increasing, network security needs to be seen in a new dimension. WLANs (Wireless Local Area Networks) are acquiring their hold in all the verticals of life. As technology is growing, a data breach at any scale, whether at the industry level or private can be menacing to distinct. Man-in-the-Middle is one of the most ruinous attacks in the WLAN. In this work, I propose a solution to detect Man-in-the-Middle attack in public or home WLANs. The objective of the work is to present a solution which allows individual to keep watch on WLAN based on data packets collected over the network and evaluating its behavior. The proposed detection system is simulated with the help of Kali Linux where the attacker is trying to get a WPA Handshake over the network, a packet sniffer tool which captures the changes over the network during the simulation and one capture analyzing tool which analyze the capture.

Patent
20 Nov 2018
TL;DR: In this paper, a device control method and system for an NB-IOPT terminal is presented, which comprises the following steps: sending a handshake request message to a narrowband Internet of Things terminal after every first preset time, confirming handshake failure, and if the number of handshake failures is equal to a preset threshold, performing reset processing on the narrowband internet of things terminal, and resettingthe number of failures.
Abstract: The invention relates to a device control method and system for an NB-IOPT terminal. The method comprises the following steps: sending a handshake request message to a narrowband Internet of Things terminal after every first preset time; when the narrowband Internet of Things terminal does not feed back a handshake response message of the corresponding handshake request message within a second preset time, confirming handshake failure; and if the number of handshake failures is equal to a preset threshold, performing reset processing on the narrowband Internet of Things terminal, and resettingthe number of handshake failures. According to the device control method and system provided by the invention, handshake is made with the narrowband Internet of Things terminal, whether the narrowband Internet of Things terminal is in a normal working state is confirmed according to the number of handshake failures, and when the narrowband Internet of Things terminal is not in the normal workingstate, the narrowband Internet of Things terminal is reset in time to restore the work of the narrowband Internet of Things terminal, thereby shortening the delay of manually restoring the work of thenarrowband Internet of Things terminal, and the working state of the narrowband Internet of Things terminal is restored in time to ensure the transmission of the Internet of Things information.

Patent
16 Feb 2018
TL;DR: In this paper, an HTTPs (Hyper Text Transfer Protocols) handshake method, device and system, relates to the field of network transmission, and aims to solve the problems of low efficiency and high cost due to deployment of a Keyless server on a client side.
Abstract: The invention provides an HTTPs (Hyper Text Transfer Protocols) handshake method, device and system, relates to the field of network transmission, and aims to solve the problems of low efficiency andhigh cost due to deployment of a Keyless server on a client side. The method comprises the following steps: selecting a Keyless Server from at least two Keyless Servers to establish a connection whenan edge node receives a secure sockets layer (SSL)/transport layer security (TLS) handshake request of a user; and receiving a decrypted or signed message sent by the Keyless Server. The technical scheme provided by the invention is suitable for a CDN (Content Distribution Network), and an efficient and high-stability HTTPs handshake process is realized.

Patent
18 Dec 2018
TL;DR: In this article, the authors proposed a method for intercepting a TCP first handshake packet and restoring the intercepted forged handshake packet to the normal handshake packet before forgery and sending them, if at least one user information in the forged packet does not include the login user information of the terminal device.
Abstract: The invention provides a network control method and a device. The method comprises the following steps: intercepting a TCP first handshake packet; If the first TCP handshake packet is a transmitted data packet, the handshake packet is forged to obtain a forged handshake packet, and the forged handshake packet includes at least one user information of a login user of a terminal device authorizing network communication;if the TCP first handshake packet is a received data packet, judging whether at least one user information in the TCP first handshake packet includes the login user information ofthe terminal equipment; if at least one user information in the TCP first handshake packet includes the login user information of the terminal equipment, restoring the intercepted forged handshake packet to the TCP first handshake packet before forgery and sending them;if the TCP first handshake packet is a normal handshake packet, or if at least one user information in the forged handshake packet does not include the login user information of the terminal device, discarding the intercepted TCP first handshake packet.

Patent
12 Oct 2018
TL;DR: In this paper, a handshake method and a handshake system based on a datagram secure transmission protocol was proposed. But the handshake method is not suitable for the use of the DTLS protocol in the case of large scale data transmission.
Abstract: The invention refers to a handshake method and a handshake system based on a datagram secure transmission protocol. The handshake method comprises: sending a client greeting message to the server by the client, wherein the client greeting message contains a list of all domestic commercial cipher suites supported by the client; receiving and determining whether the client greeting message carries astateless message authentication code by the server: if so, calculating to obtain a message authentication code by using a domestic hash algorithm, and comparing with the message authentication codecarried by the client greeting message to authenticate the client; sending a server greeting message to the client after the authentication, and informing the client of the domestic commercial ciphersuite selected by the client; and replacing the key specification according to the selected domestic commercial cipher suite by the client and the server, thereby establishing a data transmission link. The invention is capable of meeting the requirement of self-controllable information security in China and fully utilizing the unique advantages of the domestic encryption algorithm, and is compatible with the original DTLS protocol, and convenient for horizontal expansion.

Patent
19 Jan 2018
TL;DR: In this paper, the authors proposed a large-scale user sign-in method based on a wireless device handshake protocol, which comprises the following steps that a server reads in user serial number information, establishes an encrypted wireless local area network and waits for connection of users.
Abstract: The invention provides a large-scale user sign-in method based on a wireless device handshake protocol. The method comprises the following steps that (1), a server reads in user serial number information, establishes an encrypted wireless local area network and waits for connection of users; (2), the users join the local area network through wireless devices and inputs user serial numbers as network passwords, and the wireless devices automatically send request messages to the server through the handshake protocol; (3), the server filters authentication messages, breaks the serial numbers input by the users through a password collision method and moreover records MAC addresses of the devices in the user messages; and (4), the server marks sign-in users and moreover rejects the connection of the users. The method has the advantages that the users do not need to install software, the server only needs an ordinary wireless router, and a system supports more than one hundred users.