Research on the Security of Mobile Payment Systems Based on NFC Technology
Published: 2018-11-23 15:37
[Abstract]: With the growth of the mobile Internet and mobile payment, NFC technology has been embraced by banks, carriers and manufacturers for its convenience and security. Because mobile payment involves the transmission of sensitive data, the technology has also drawn the attention of security researchers and attackers. As a technology used in mobile payment, NFC's inherent security rests partly on its short effective communication range and partly on the collision detection mechanism applied when communication is initialized. Beyond that, the security of NFC communication has to be ensured by encryption and signature schemes, so choosing a secure encryption algorithm and signature scheme is an effective way to secure NFC communication.

1. The thesis first analyzes the NFC communication mechanism and then divides the NFC communication model into layers according to the communication scenario. It describes the protocol at each layer and the underlying NFC standard communication specifications, then analyzes the contactless PBOC transaction processing flow and presents a secure transaction flow based on the signcryption scheme proposed in the thesis. Finally, it analyzes the security threats facing near field communication and the security requirements that near field communication must satisfy.

2. In near field communication, data confidentiality is achieved by encrypting the data. The thesis improves the DES algorithm commonly used in NFC communication so that it resists differential power analysis (DPA) attacks. A DPA attack breaks an encryption algorithm by collecting the power consumed during encryption and analyzing the relationship between power consumption and intermediate values. The improved algorithm uses masking: the intermediate values of the computation are masked, which removes the correlation between power consumption and intermediate values and effectively resists DPA attacks. To keep the encryption functionally correct, the input of the S-box is modified, and an encryption simulation is carried out; the experimental results show that the masked DES algorithm encrypts information correctly. A DPA attack experiment on the improved algorithm shows that it effectively resists DPA attacks.

3. Besides data confidentiality, data integrity is also one of the security requirements. To ensure both confidentiality and integrity during communication, the thesis combines encryption and signature mechanisms and proposes a publicly verifiable certificateless hybrid signcryption scheme. The scheme is constructed from bilinear pairings and is certificateless, so it does not require certification by a third-party certificate authority. The thesis proves the confidentiality and unforgeability of the scheme by a reduction. In addition, the scheme is publicly verifiable, which ensures that neither party to a transaction can repudiate it. Finally, a comparison of computational and communication efficiency with other schemes that also use bilinear pairings shows that, while ensuring the confidentiality and unforgeability of the signcryption scheme, this scheme has relatively high computational efficiency.
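The masking idea in item 2, as an added example (not code from the thesis): a first-order Boolean-masked lookup for DES S-box S1, with the table recomputed so that a masked input still yields the correct, masked output. The function names, the choice of S1, the mask sizes and the Hamming-weight leakage model are assumptions; the thesis's own masking construction is not given on this page.

```python
# Added illustration: first-order Boolean masking of one DES S-box lookup.
# Not the thesis's implementation; names, masks and leakage model are assumptions.

# DES S-box S1 (standard table, 4 rows x 16 columns).
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]

def sbox(x):
    """Plain S1 lookup: bits 5 and 0 of the 6-bit input pick the row, bits 4..1 the column."""
    row = ((x >> 4) & 2) | (x & 1)
    return S1[row][(x >> 1) & 0xF]

def masked_table(m_in, m_out):
    """Recompute the table so that T[x ^ m_in] == sbox(x) ^ m_out for every x."""
    return [sbox(i ^ m_in) ^ m_out for i in range(64)]

def masked_lookup(data6, key6, m_in, m_out):
    """S-box step on masked data; returns the masked output and every value
    the device handled. The unmasked value data6 ^ key6 is never formed."""
    masked_data = data6 ^ m_in          # data is masked before the key is mixed in
    masked_in = masked_data ^ key6      # equals (data6 ^ key6) ^ m_in
    masked_out = masked_table(m_in, m_out)[masked_in]
    return masked_out, (masked_data, masked_in, masked_out)

def hw(v):
    """Hamming weight, the usual simple model for data-dependent power draw."""
    return bin(v).count("1")

def mean_leak(data6, key6, masked):
    """Mean Hamming weight of the S-box output the device handles, averaged
    over all 16 output masks when masked (input mask fixed arbitrarily)."""
    if not masked:
        return float(hw(sbox(data6 ^ key6)))
    outs = [masked_lookup(data6, key6, 0x2A, m)[0] for m in range(16)]
    return sum(hw(o) for o in outs) / 16

if __name__ == "__main__":
    key = 0b101101                      # constructed sample subkey chunk
    for d in (0, 7, 33):                # constructed sample inputs
        print(d, mean_leak(d, key, False), mean_leak(d, key, True))
```

Without masking, the modelled leakage follows the key-dependent S-box output; with a uniformly random output mask its mean is the same for every input, which is the decorrelation the abstract describes.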
[Degree-granting institution]: Jiangnan University
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP309
Article ID: 2351927
Article link: https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2351927.html