检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:闫萌 邹俊伟[1] 刘亚辉 冯钒 朱翀 YAN Meng;ZOU Jun-wei;LIU Ya-hui;FENG Fan;ZHU Chong(Communications and Networks Center,School of Electronic Engineering,Beijing University of Posts and Communications,Beijing 100876,China)
机构地区:[1]北京邮电大学电子工程学院通信与网络研究中心,北京100876
出 处:《计算机技术与发展》2018年第4期148-151,共4页Computer Technology and Development
基 金:国家自然科学基金(61471067)
摘 要:基于NFC(near field communication,近场通信)技术的闪付服务,即中国银联所推出的小额免密支付服务,在丰富人们生活的同时,也使得用户的个人信息和财产安全面临着威胁。对此,从闪付服务中可能的隐私泄漏点-闪付卡出发,设计了一个针对其进行重放攻击的模型,以及进行攻击所需的基于PBOC3.0协议的通信协议。在此基础上利用PC机及附属设备搭建环境,对闪付卡与收单方间合法通信过程进行了监听,并利用监听过程中所截留的数据,模拟了闪付卡扣款流程,实现了重放攻击。此外,通过对截留的通信数据的分析,并结合对PBOC3.0协议的研究,找到了PBOC3.0协议的漏洞。最后提出了针对闪付卡重放攻击的对抗措施,以及PBOC3.0协议的改进措施。‘Quickpass',a service based on NFC(near field communication)which allows free pay under small amount of money launched by China Unionpay,has riched people's life,but also makes the users'personal information and property security under dreadful threats.For this,focused on one weak point of‘Quickpass',the‘Quickpass'card,we design a model for replay attack and its corresponding communication protocol based on PBOC3.0 protocol.With PC and its attached application we monitor the communication process between‘Quickpass'card and POS,and then describe a simulation of replay attack to Quickpass card with successful deduction.Through analysis of data caught and PBOC3.0 protocol,we have found the vulnerability of PBOC3.0.In the end,we put forward the measures against replay attack to‘Quickpass'card and improving PBOC3.0.
分 类 号:TP39[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.30