Graduation Project (Thesis) Title: Design and Implementation of an English-Learning App Based on Android and Multimedia Technology
Project (thesis) requirements and original data (materials):
1. Survey the current state and prospects of the mobile Internet at home and abroad;
2. Understand the Android system and the methods and steps of Android application development;
3. Analyse the module structure and main algorithms of this Android application;
4. Become familiar with the development tools, and complete coding and testing;
5. Practise retrieving literature and making use of it;
6. Practise writing technical documents and a degree thesis.
Main contents of the graduation project (thesis):
1. Survey the current state and prospects of mobile Internet development at home and abroad;
2. Survey and analyse the feasibility and specific requirements of "Youdao English";
3. Survey the overall design framework of the "Youdao English" app;
4. Analyse in depth the key technologies used in the detailed design of the "Youdao English" app;
7. Test whether each module of the "Youdao English" app runs correctly and whether the functional modules basically meet the requirements;
8. Analyse and summarise the shortcomings of the "Youdao English" app, and finally thank the supervisor.
Design documents (thesis) the student must submit:
1. A complete, clearly structured, fluently written and properly formatted graduation thesis;
2. Electronic documents of the graduation project, including the thesis, source code and other related materials.
Major and class: Software 1110. Student: Duan Jiansheng. Required start and end dates of the project: 23 March 2015 to 3 July 2015. Supervisor signature date: 23 March 2015. Teaching and research section head review signature date: . Department head approval signature date: .
Abstract
Keywords: Android; multimedia; English learning; Internet+
Design and Implementation of an English-Learning App Based on Android and Multimedia Technology
Throughout history, human development has been accompanied by scientific and technological progress and evolution: from the Stone Age to the age of cold weapons, to the industrial age and the Internet age, every technological change has qualitatively altered the human way of life, and now the era of the mobile Internet has arrived. At this year's two sessions, Premier Li Keqiang put forward the concept of "Internet +", which from another angle confirms this rule once more. The mobile phone, as the most portable terminal, is gradually evolving into a control centre that connects everything. English is the language accepted by the most countries in the world, and its role across regions, nationalities and cultures cannot be replaced; today it is used so frequently that it has become a second language. Demands on English learning are rising at every level. In this context we should change the traditional way and achieve the purpose of learning English in a more convenient manner. This project combines the actual situation with Android and multimedia technology to provide moderately customised English learning for college students; the main functional modules implemented are a dictionary, translation, an audio classroom, proverbs and sayings, a word-memory notebook and other functions.
Keywords: Android; multimedia; English learning; Internet +
1 Introduction
1.1 Project Background
The mobile Internet (MI) is an emerging business in which services are obtained through smart mobile terminals over mobile wireless communication, and it comprises three layers: terminals, software and applications. The terminal layer includes smartphones, tablets, e-readers, MIDs and so on; the software layer includes operating systems, middleware, databases and security software; the application layer includes leisure and entertainment, tools and media, business and finance, and other applications and services. As technology and the industry develop, key network-transport technologies such as LTE (Long Term Evolution, one of the 4G communication standards) and NFC (Near Field Communication, the technology underpinning mobile payment) will also be brought within the scope of the mobile Internet.
In the 4G Internet era mobile applications are multiplying; the Android 4.2.2 update was released on 11 February 2013, and more and more phones will run Android in the future. Nor is it limited to phones: Android can be developed for and ported to any mobile device or terminal, such as televisions, refrigerators, air conditioners and washing machines. Once these devices are connected to the Internet, we can learn each device's state in real time from a phone and control its operation. In short, Android will bring us a smarter, more convenient and more modern life. Hence, the development of Android applications,
1.2 Main Work of the Thesis
1.3 Structure of the Thesis
2 Introduction and Analysis of Related Technologies
2.1 Development and History of Android
Android is an open-source operating system based on Linux, used mainly on portable devices. It was originally developed by Andy Rubin, mainly for mobile phones. In 2005 Google acquired and invested in it and formed the Open Handset Alliance to develop and improve it, after which it gradually expanded to tablets and other areas. Data from February 2012 show Android holding 52.5% of the global smartphone operating system market and 68.4% of the Chinese market.
Table 2-1 Android release timeline
| No. | Date | Event |
|---|---|---|
| 1 | October 2003 | Andy Rubin and others founded Android Inc. and formed the Android team |
| 2 | 17 August 2005 | Google acquired Android, a high-tech company only 22 months old |
| 3 | 5 November 2007 | Google officially presented the Android operating system to the public |
| 4 | 22 September 2008 | Google officially released the first Android phone (HTC G1) |
| 5 | 23 September 2008 | Android 1.0 officially released |
| 6 | 30 April 2009 | Android 1.5 officially released |
| 7 | 15 September 2009 | Android 1.6 officially released |
| 8 | 20 May 2010 | Android 2.2 software development kit released |
| 9 | 7 December 2010 | Android 2.3 software development kit released |
| 10 | 2 February 2011 | Android 3.0 officially released |
| 11 | 3 February 2011 | Google released Android 3.0 Honeycomb, dedicated to tablets |
| 12 | 19 October 2011 | Google officially released the Android 4.0 operating system |
| 13 | 28 June 2012 | Google officially released the Android 4.1 operating system |
| 14 | 30 October 2012 | Google officially released the Android 4.2 operating system |
| 15 | 25 July 2013 | Google officially released the Android 4.3 operating system |
| 16 | 4 September 2013 | Google officially released the Android 4.4 operating system |
2.2 Android Architecture
The Android operating system divides its architecture into four layers: Application, Application Framework, Libraries (system runtime libraries) and the Linux Kernel. The Android architecture is shown in Figure 2-1:
Figure 2-1 Android architecture diagram
2.2.1 Application layer
2.2.2 Application Framework layer
2.2.3 Libraries (system runtime libraries) layer
2.2.4 Linux Kernel layer
2.3 Android Development Environment and Tools
2.3.1 Setting up the Android development environment
Figure 2-2 JDK download page
Figure 2-3 JDK installation path
Figure 2-4 JDK environment variable settings
Figure 2-5 JDK installation completed
- Download and install Eclipse
Figure 2-6 Eclipse download page
- Download the Android SDK
Download URL: http://developer.android.com/sdk/index.html. Opening this URL shows the page in Figure 2-7; click Download the SDK, choose the matching version, then download and unzip it.
Figure 2-7 SDK download page
- Install the Android development plugin
(1) Open Eclipse and choose Help -> Install New Software from the menu bar; the window in Figure 2-8 appears.
Figure 2-8 Installing the plugin, step 1
(2) Click the Add button; the window in Figure 2-9 appears. Name can be chosen freely (here it is set to "Android"); in Location enter the URL http://dl-ssl.google.com/android/eclipse/.
Figure 2-9 Installing the plugin, step 2
(3) Click the OK button in the window of Figure 2-9; the window in Figure 2-10 appears.
Figure 2-10 Installing the plugin, step 3
(4) Click the Next button in the window of Figure 2-10; the window in Figure 2-11 appears.
Figure 2-11 Installing the plugin, step 4
(5) Click the Next button in the window of Figure 2-11; the window in Figure 2-12 appears.
Figure 2-12 Installing the plugin, step 5
(6) Select I accept the terms of the license agreements and click the Next button in the window of Figure 2-12 to enter the plugin installation window shown in Figure 2-13.
Figure 2-13 Installing the plugin, step 6
Figure 2-14 Installing the plugin, step 7
(7) When the installation finishes, you are prompted to restart Eclipse; click the Yes button in the window of Figure 2-14.
- Configure the Android SDK
Figure 2-15 Configuring the SDK
2.3.2 Introduction to the Android development tools
The JDK (Java Development Kit) is Sun Microsystems' product for Java developers. Since Java was launched, the JDK has become the most widely used Java SDK. It is the core of the whole Java platform and includes the Java runtime environment, the Java tools and the Java base class libraries.
Eclipse is an extensible, open-source development platform based on Java. It is merely a framework and a set of services for building development environments from plugin components. Eclipse ships with a standard plugin set, the JDT (Java Development Tools), and also includes the PDE (Plug-in Development Environment), a component designed for developers who want to extend Eclipse.
ADT (Android Development Tools) is the toolset for Android development that runs inside the Eclipse IDE; installing ADT makes Android development more convenient.
An SDK (Software Development Kit) is a collection of development tools used by software engineers to build applications for a particular software package, software framework, hardware platform, operating system and so on.
2.4 Environment
2.4.1 Programming environment
The author used Eclipse and the Android SDK (Android 2.2) as the programming environment; the emulator was used for testing early in development, and real devices once the software matured.
2.4.2 Runtime environment
3 Project Feasibility Analysis
3.1 Feasibility study
3.1.1 Technical feasibility
3.1.2 Economic feasibility
3.1.3 Operational feasibility
4 Requirements Analysis and Overall Design
4.1 Requirements analysis
4.1.1 Functional requirements
4.1.2 Non-functional requirements
• Understandability: software attributes relating to the effort users need to recognise the logical concepts and their scope of application.
• Learnability: software attributes relating to the effort users need to learn the application.
• Operability: software attributes relating to the effort users need for operation and control, such as drop-down lists with first-letter filtering.
4.2 Overall system design and module division
4.2.1 Module division
Figure 4-1 System module diagram
4.2.2 System operation flowchart
Figure 4-2 System operation flowchart
4.3 Database design and data operations
SQLite is a lightweight, ACID-compliant relational database management system designed for embedded use; it is already used in many embedded products and has a very small footprint, needing perhaps only a few hundred KB of memory on an embedded device. It supports mainstream operating systems such as Windows, Linux and Unix, integrates with many programming languages such as Tcl, C#, PHP and Java, and also offers an ODBC interface; compared with MySQL and PostgreSQL, the two famous open-source database management systems, it is faster at processing.
4.3.1 Conceptual database design
Figure 4-3 Design of the new-words table
Figure 4-4 Design of the translated-sentences table
4.3.2 Logical database design
history(_id ,query, translation ,uk ,us,explain)
sentence(_id ,JUZI ,YISI )
history(_id, query, translation, uk, us, explains);
4.3.3 Creating the database
Android provides a standard way to create a database: subclass SQLiteOpenHelper and implement the two methods onCreate() and onUpgrade(). One advantage is that this eases upgrading the database version; the algorithm for connecting to the database is given in the program listing. If the database cannot be created, a FileNotFoundException is thrown.
4.3.4 Database operations
4.3.5 Viewing data
The fifth parameter, groupBy, corresponds to the part after GROUP BY in SQL.
The seventh parameter, orderBy, corresponds to the part after ORDER BY in SQL; for descending or combined ordering it can be written like this: String orderBy = "id desc,name".
The eighth parameter, limit, specifies the size of the result set. Its usage differs from MySQL's LIMIT, which can specify a starting row and a count, for example "limit 100,10"; here only a single value is supported.
5 Detailed Design and Implementation of the System
5.1 Design of the main interface
<?xml version="1.0" encoding="utf-8"?>
<selector xmlns:android="http://schemas.android.com/apk/res/android">
    <item android:drawable="@drawable/ju" android:state_focused="true"/>
    <item android:drawable="@drawable/dise" android:state_selected="true"/>
    <item android:drawable="@drawable/dise" android:state_pressed="true"/>
    <item android:drawable="@drawable/ju"/>
</selector>
import android.app.ActivityGroup;
import android.content.Intent;
import android.os.Bundle;
import android.widget.TabHost;

public class TranslateActivity extends ActivityGroup {
    private TabHost tabHost = null;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.translate); // layout resource name assumed; the page does not give it
        tabHost = (TabHost) findViewById(R.id.trainTab);
        // Not a TabActivity subclass, so setup() must be called after obtaining tabHost and before adding tabs
        tabHost.setup(getLocalActivityManager());
        Intent intent1 = new Intent(this, WordActivity.class);
        Intent intent2 = new Intent(this, ContentActivity.class);
        Intent intent3 = new Intent(this, FxActivity.class);
        Intent intent4 = new Intent(this, SCActivity.class);
        // FLAG_ACTIVITY_CLEAR_TOP makes the Activity refresh each time its tab is selected
        createTab("词典", intent1.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP));
        createTab("翻译", intent2);
        createTab("发现", intent3);
        createTab("我的", intent4.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP));
    }

    // Adds one tab whose content is the Activity described by the Intent
    private void createTab(String label, Intent intent) {
        tabHost.addTab(tabHost.newTabSpec(label).setIndicator(label).setContent(intent));
    }
}
Figure 5-1 System main interface
5.2 Detailed design of the query module
5.2.1 Calling the Youdao translation API
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;

String urlStr = null;
try {
    // The request goes over plain http and carries the app's API key in the URL
    urlStr = "http://fanyi.youdao.com/openapi.do?keyfrom=justTec&key=1249502330&type=data&doctype=json&version=1.1&q="
            + URLEncoder.encode(word, "utf8");
} catch (UnsupportedEncodingException e1) {
    e1.printStackTrace();
}
5.2.2 JSON data parsing
import java.io.BufferedReader;
import java.io.InputStreamReader;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.json.JSONArray;
import org.json.JSONObject;

try {
    String jsonData = "";
    // Send the HTTP request to the given URL
    HttpResponse response = httpClient.execute(new HttpGet(urlStr));
    // Obtain the response returned by the server
    HttpEntity entity = response.getEntity();
    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(entity.getContent(), "utf8"));
    String line = "";
    while ((line = bufferedReader.readLine()) != null) {
        jsonData = jsonData + line;
    }
    bufferedReader.close();
    word = new Word();
    JSONObject jsonObject = new JSONObject(jsonData);
    // "basic" is absent when there is no dictionary entry; getJSONObject() then throws and the catch below runs
    JSONObject basic = jsonObject.getJSONObject("basic");
    // Phonetic symbols
    // "explains" is returned as a JSON array
    String otherString = "";
    JSONArray otherArray = basic.getJSONArray("explains");
    for (int i = 0; i < otherArray.length(); i++) {
        otherString += ";" + otherArray.getString(i);
    }
} catch (Exception e) {
    e.printStackTrace();
}
Figure 5-2 Module interface
Figure 5-3 Chinese word lookup
5.3 Detailed design of the Discover module
- CET-4/CET-6 listening audio is implemented with Android's built-in MediaPlayer: the audio files to be played are placed in the raw resource folder, a MediaPlayer object is declared, and its start(), stop() and pause() methods play, stop and pause the corresponding audio. The code is as follows:
<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools"
    android:layout_width="match_parent"
    android:layout_height="match_parent"
    tools:context=".Cet41Activity" >
    <!-- Button ids and sizes are assumed; the page shows only the text attributes -->
    <Button android:id="@+id/pauseBtn" android:layout_width="wrap_content" android:layout_height="wrap_content" android:text="暂停" />
    <Button android:id="@+id/playBtn" android:layout_width="wrap_content" android:layout_height="wrap_content" android:text="播放" />
    <Button android:id="@+id/stopBtn" android:layout_width="wrap_content" android:layout_height="wrap_content" android:text="停止" />
</RelativeLayout>
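A Python rendering of the same lookup and parsing step, added here as an example and not part of the app's own Java code: it builds the request URL with the parameters the app uses, parses a constructed response of the shape the Java code expects (a "basic" object with phonetics and an "explains" array), and, unlike getJSONObject("basic"), survives the responses without a dictionary entry that Table 6-1 records as "cannot be queried". The sample responses, the field names and the function names are assumptions of this example.

```python
import json
from urllib.parse import urlencode

# Constructed sample responses in the shape of the openapi.do JSON the app consumes
# (assumption: dictionary data sits in a "basic" object with phonetic fields and an
# "explains" array, and "basic" is absent when the query has no dictionary entry).
SAMPLE_GOOD = json.dumps({
    "errorCode": 0, "query": "good", "translation": ["好的"],
    "basic": {"uk-phonetic": "gʊd", "us-phonetic": "gʊd",
              "explains": ["adj. 好的；优良的", "n. 好处；善行"]},
})
SAMPLE_NUMERIC = json.dumps({"errorCode": 0, "query": "2011005485", "translation": ["2011005485"]})
SAMPLE_ERROR = json.dumps({"errorCode": 20})


def build_query_url(word: str, api_key: str, keyfrom: str = "justTec") -> str:
    """Build the lookup URL with the same query parameters the app uses.
    The key is a parameter here instead of a literal baked into the client."""
    params = {"keyfrom": keyfrom, "key": api_key, "type": "data",
              "doctype": "json", "version": "1.1", "q": word}
    return "http://fanyi.youdao.com/openapi.do?" + urlencode(params)


def parse_lookup(json_text: str):
    """Turn one response into a row shaped like the app's history table
    (query, translation, uk, us, explain), or None if nothing usable came back.
    A response without "basic" (numeric or garbled queries such as 2011005485 or G89d)
    still yields a translation-only row instead of raising, which is the point at which
    the Java code's getJSONObject("basic") throws."""
    try:
        data = json.loads(json_text)
    except json.JSONDecodeError:
        return None
    if data.get("errorCode", 1) != 0 or "query" not in data:
        return None
    basic = data.get("basic") or {}
    return {
        "query": data["query"],
        "translation": "; ".join(data.get("translation") or []),
        "uk": basic.get("uk-phonetic", ""),
        "us": basic.get("us-phonetic", ""),
        # same ';'-separated string the Java loop builds, minus its leading separator
        "explain": ";".join(basic.get("explains") or []),
    }
```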
playBtn.setOnClickListener(new OnClickListener() {
    @Override
    public void onClick(View v) {
        mediaPlayer.start(); // start or resume playback (mediaPlayer is the MediaPlayer field declared above)
    }
});
Figure 5-4 Audio classroom
Figure 5-5 Audio playback
import java.io.IOException;
import java.io.InputStream;
import org.apache.poi.hssf.usermodel.HSSFCell;
import org.apache.poi.hssf.usermodel.HSSFRow;
import org.apache.poi.hssf.usermodel.HSSFSheet;
import org.apache.poi.hssf.usermodel.HSSFWorkbook;
import org.apache.poi.ss.usermodel.Row;
import android.content.ContentValues;

try {
    // Read the Excel file and import it into the database (EXCEL_RESOURCE_PATH: the resource path is not shown on the page)
    InputStream in = this.getClass().getClassLoader().getResourceAsStream(EXCEL_RESOURCE_PATH);
    // Create the workbook
    HSSFWorkbook workBook = new HSSFWorkbook(in);
    HSSFSheet sheet = workBook.getSheet("Sheet1");
    int rows = sheet.getPhysicalNumberOfRows();
    if (rows > 0) {
        for (int j = 0; j < rows; j++) {
            // Row loop
            HSSFRow row = sheet.getRow(j);
            if (row != null) {
                // Missing-cell policy assumed; the page truncates this argument
                HSSFCell cell1 = row.getCell(0, Row.CREATE_NULL_AS_BLANK);
                HSSFCell cell2 = row.getCell(1, Row.CREATE_NULL_AS_BLANK);
                ContentValues content = new ContentValues();
                content.put("JUZI", cell1.getStringCellValue());
                content.put("YISI", cell2.getStringCellValue());
                db.insert(TABLE_SENTENCE, null, content);
            }
        }
    }
    in.close();
} catch (IOException e) {
    e.printStackTrace();
}
// Fetch one random sentence; the _id comes from the app's own helper, so concatenation is safe here,
// but the fourth parameter (selectionArgs) is the way to bind values that originate elsewhere
CommonBean bean = new CommonBean();
Cursor cursor = database.query(TABLE_SENTENCE, new String[] { "_id", "JUZI", "YISI" },
        "_id=" + CommonUtils.getRandom100(), null, null, null, null, null);
if (cursor.moveToNext()) {
    String juzi = cursor.getString(cursor.getColumnIndex("JUZI"));
    String yisi = cursor.getString(cursor.getColumnIndex("YISI"));
}
cursor.close();

// The "About us" button pops up the preset text in a dialog
final AlertDialog.Builder builder = new AlertDialog.Builder(this);
gywmBtn.setOnClickListener(new OnClickListener() {
    @Override
    public void onClick(View v) {
        // aboutText stands for the preset text that precedes this line; the page does not show it
        builder.setMessage(aboutText + "世界人民大团结万岁!").show();
    }
});
5.4 My module
@Override
public View getView(final int position, View convertView, ViewGroup parent) {
    if (convertView == null) {
        convertView = mInflater.inflate(R.layout.scitem, null);
    }
    TextView id = (TextView) convertView.findViewById(R.id.id);
    TextView query = (TextView) convertView.findViewById(R.id.query);
    TextView translate = (TextView) convertView.findViewById(R.id.translate);
    Button delete = (Button) convertView.findViewById(R.id.delete);
    delete.setOnClickListener(new OnClickListener() {
        @Override
        public void onClick(View view) {
            // Deleting the row at `position` from the database is not shown on the page
            Toast.makeText(getApplicationContext(), "删除成功", Toast.LENGTH_SHORT).show();
        }
    });
    return convertView;
}
6 System Testing
6.1 Program testing
6.1.1 Welcome screen
Figure 6-1 Welcome screen (clear)
6.1.2 Main interface
Figure 6-2 Main interface
Figure 6-3 Main interface
6.1.3 "Dictionary" and "Translation" modules
Table 6-1 Sample query data
| No. | Word | Test result | Note |
|---|---|---|---|
| 1 | 2011005485 | Cannot be queried | See Figure 6-5 |
| 2 | *** | Cannot be queried | See Figure 6-6 |
| 3 | good | Queried normally | See Figure 6-7 |
| 4 | Good | Queried normally | See Figure 6-8 |
| 5 | gOOd | Queried normally | See Figure 6-9 |
| 6 | G89d | Cannot be queried | See Figure 6-10 |
| 7 | 今天天气很好 (Chinese sentence: "The weather is nice today") | Queried normally | See Figure 6-11 |
Figure 6-4 All digits
Figure 6-5 No valid characters
Figure 6-6 Normal spelling
Figure 6-7 Initial capital
Figure 6-8 Mixed case
Figure 6-9 Digits mixed with letters
Figure 6-10 Normal sentence
Figure 6-11 Digits, letters and Chinese mixed
6.1.4 Testing the "Discover" module
Figure 6-12 "Discover" screen
Figure 6-13 Audio classroom
Figure 6-14 About us
Figure 6-15 Proverbs and sayings
- whether the audio classroom screen displays correctly, and whether playing and stopping the audio work correctly;
- whether the proverbs screen displays correctly, and whether switching between sayings is correct and smooth;
- whether the About Us screen correctly pops up the information preset in the system.
6.1.5 Testing the "My" module
Figure 6-16 Vocabulary notebook
Figure 6-17 Vocabulary notebook
6.2 Test results
An Enhanced Dragonfly Key Exchange Protocol against Offline Dictionary Attack
Dragonfly is a Password Authenticated Key Exchange protocol that uses a shared session key to authenticate parties on the basis of a pre-shared secret password. It was claimed to be secure against off-line dictionary attack, but later research proved it vulnerable to such an attack; the fix, a "Patched Protocol" based on public-key validation, raised the computation cost and made the protocol less appealing than its competitors. We propose an alternative enhancement, "Enhanced Dragonfly", that keeps the protocol secure without any extra computation cost. It is based on two pre-shared secret passwords instead of one, and the rounds between the parties are compressed from four to two. We prove that the enhanced Dragonfly protocol is secure against off-line dictionary attacks by analysing its security properties with the Scyther tool. A simulation was developed to measure the execution time of the enhanced protocol, which was found to be much less than that of patched Dragonfly. The off-line dictionary attack takes a few days when the dictionary size is 10,000. Accordingly, the enhanced Dragonfly is more efficient than the patched Dragonfly.
Keywords: Password Authenticated Key Exchange (PAKE), Original Dragonfly, Patched Dragonfly, Enhanced Dragonfly, Two-Pre-Shared Password
1. Introduction
Nowadays information grows at an ever faster rate and must be secured when exchanged over insecure networks. The most efficient way to secure it is cryptology, the science of building and analysing secret codes, which consists of cryptography and cryptanalysis: cryptography builds secret codes and cryptanalysis analyses them [1]. There are two types of cryptography, symmetric and asymmetric. Symmetric-key cryptography uses one shared key for the encryption and decryption performed by sender and receiver, while asymmetric-key cryptography uses a public key for encryption and a private key for decryption.
One of the symmetric cryptography protocols is the key exchange protocol, which allows two parties who share non-secret information to compute a shared key over public communication. Authenticated Key Exchange (AKE) is a symmetric protocol that not only allows the parties to compute the shared key but also ensures their identities: a party can compute the shared key only if he or she is who he or she claims to be [3]. Another example of a symmetric protocol is Two-party Password-based Authenticated Key Exchange (2PAKE), which lets two parties generate a session key based on a pre-shared password and authenticate each other [4]. In general, PAKE protocols are exposed to different types of attacks, mainly passive and active. Passive attacks are hard to detect and are used to obtain the information sent between the parties without modifying it or harming resources. Active attacks let the attacker modify the encrypted message or change the meaning of the decrypted message by creating false streams [5]. However, the most complicated type of attack is the dictionary attack, whether offline or online. In an offline dictionary attack the attacker records information from a successful execution of the protocol by eavesdropping on the communication between the parties, then goes offline and tries every password, choosing the correct one on the basis of the recorded information; no interaction with the server is required. In an online dictionary attack the attacker tries the passwords during interaction with the server [6].
There are many kinds of 2PAKE protocol. In 1992 the first one, the Encrypted Key Exchange (EKE), was proposed by Bellovin and Merritt [7]. Since then many other 2PAKE protocols have been proposed (e.g. [8]-[12]). One of them is Dragonfly, defined by Dan Harkins, who claimed resistance to passive attacks, active attacks and offline dictionary attacks without giving security proofs [12]. In 2013 Dylan and Feng analysed the protocol and showed that its security properties are weak against active attacks and offline dictionary attacks; as a solution that restores its security properties they proposed patching Dragonfly by adding a public-key validation [12].
The main problem of the patched Dragonfly protocol is the increased computation cost of executing it with a public key, which involves long bit operations. In this paper we introduce another enhancement of the Dragonfly protocol that does not use a public key. The proposed solution uses two pre-shared secret passwords instead of one, and the number of rounds between the parties is reduced from four to two. This step adds security to the original Dragonfly protocol: the attacker needs more than 1.5 days to perform the off-line attack when the shared password is taken from a dictionary of size 1000. This result was confirmed through a simulation project developed in the Java programming language, which was used to find the execution time required by both communicating parties; the execution time was found to be less than the time required when public-key validation is used. We also confirmed the efficiency of the Enhanced Dragonfly protocol by using the Scyther tool to analyse its security properties and its structure.
The paper is organised as follows: Section 2 presents the related work; Section 3 reviews the Dragonfly protocol; the proposed solution is presented in Section 4, and the discussion in Section 5. Finally, the conclusion is in Section 6. The paper is aimed at those interested in the cryptography and cryptanalysis domain.
2. Related Work
Password Authenticated Key Exchange (PAKE) protocols play an essential role in providing secure communications. As is usual in cryptography, each new release of a protocol is followed by attempts to attack it, in order to measure its resistance against those attacks.
In research [13], an analysis of the security weaknesses of the SPAKE1 and SPAKE2 protocols was introduced. These protocols were found to be vulnerable to password compromise, impersonation and Denial-of-Service (DoS) attacks. Additionally, the Hitchcock protocol [14], which uses public-key encryption, was proved insecure against momentary key compromise masquerades, Key Compromise Impersonation (KCI) attacks and off-line dictionary attacks. To remove these disadvantages, a new efficient two-party PAKE protocol was designed that relies on a symmetric key exchange protocol and multiple hash-function calculations. The public-key scheme is replaced by symmetric encryption because the latter requires fewer bit operations. Several arguments are given to prove that the proposed scheme is secure against various attacks; it provides mutual authentication and forward secrecy among many other security attributes. There is a small increase in computational cost caused by the extra hash calculations, which may be deemed negligible given the extra security attributes and the lower number of rounds.
Moreover, another study [15] introduced the vulnerabilities of the SPEKE and EKE protocols and analysed them against theoretical practice. In addition, a new PAKE protocol, Password Authenticated Key Exchange by Juggling (J-PAKE), was proposed. It depends on a secret password shared between two entities and takes two rounds to create a strong shared key. It is based on a well-established cryptographic primitive, the Zero-Knowledge Proof (ZKP), which allows a party to prove knowledge of a discrete logarithm without revealing it. The analysis of this protocol showed that it prevents off-line dictionary attacks, limits an active attacker to guessing only one password per protocol execution, and provides forward secrecy. Its advantages include protecting users from leaking passwords and not requiring PKI deployment; the protocol is very efficient thanks to its use of well-established primitives.
Recent research on PAKE protocols is moving towards using Public Key Infrastructure (PKI) in the authentication process. In recent years PAKE has been combined with the RSA encryption method to provide the appropriate secrecy between two parties. In [16] a new protocol named E3PAKE-RSA was proposed, based on the RSA scheme in a three-party model in which two entities need only remember a human-memorable password to authenticate each other and agree on a large session key with the assistance of a trusted server. The public/private key parameters are selected by the clients rather than by a trusted distribution centre, which makes on-line authentication obsolete. The computation cost of this protocol was expected to be relatively high compared with two-party RSA-PAKE; however, in the testing phase applied to the generic constructions, the computation cost of E3PAKE-RSA was found to equal that of two-party RSA-PAKE while the total number of rounds was lower. In practice this protocol requires more time to execute, because of the RSA encryption method and its long bit operations, whereas PAKE protocols that do not use PKI run faster.
3. Overview on Dragonfly Protocol
Dragonfly is a PAKE protocol used to exchange session keys between two parties with mutual authentication inside mesh networks. It was defined by Dan [12]. Finite cyclic groups are required to implement Dragonfly, such as Finite Field Cryptography (FFC) or Elliptic Curve Cryptography (ECC) [17]. This paper implements the protocol with FFC. A finite field is "a field F that contains a finite number of elements, which is the order of F" [18]. More details about finite fields are presented in.
In this section we explain the Dragonfly protocol in detail, together with the attack discovered on it, followed by the solution suggested in [12].
4. The Proposed Solution
This paper proposes a solution that secures the original Dragonfly protocol without adding a public key, so as to keep the execution time as short as possible. It relies on using two pre-shared passwords instead of one; an attacker therefore has to search the dictionary for each of N and P. The first password P is generated as in the original Dragonfly protocol, by extracting a string from the dictionary and using the identities of both parties; it has a length of 1024 bits. The second password N is generated in the same way as P but with two minor changes: another word is extracted from the same dictionary, and only the identity of the respondent is used; it has a length of 160 bits instead of 1024.
The enhanced Dragonfly protocol works according to the following steps:
- Two passwords, P and N, are generated and shared between both parties.
- Each party performs the scalar and element operations, starting from one scalar r chosen at random from Q: the scalar is sA = rA + N (and sB = rB + N for the second party) and the element is E = P^(-N).
- Both parties compute the hash value of E, E' = H(E).
- The first party computes the hash value A over the parameters E' and sA, then sends A to the second party together with its scalar sA. The second party verifies A to complete authentication: if the hash value is verified, the second party computes the hash value B and sends it to the first party together with its scalar sB, otherwise the exchange is declined. The first party in turn verifies B; if it is valid, the authentication succeeds.
- Each party then calculates the shared secret ss = (P^sB · E)^rA (and symmetrically (P^sA · E)^rB on the second side).
- Then they create the shared secret key K = H(ss | E | (sA + sB) mod q).
The benefits of this solution are: firstly, the attacker can never guess the hash value, which includes the hash of the element value, an exponentiation involving two secret values. Secondly, the authentication process takes two rounds rather than the four of the original protocol, which makes execution faster. The steps of the enhanced Dragonfly protocol are shown in Figure 2.
4.1. Methodology over Protocol Testing
A simulation project was developed to compare the execution time of the protocol with that of the patched Dragonfly protocol. It was written in Java and maintained in NetBeans, on a 64-bit Windows 8.1 Pro operating system with a 2.38 GHz processor. The project includes three classes:
- Dragonfly: the main class, which holds objects of the other two classes and some local variables such as:
• ID_A, ID_B: the identities of the initiator and the respondent. The identity is the MAC address, for example ID_A = 001CB3098515, ID_B = 001AB3008600.
- EnhancedDragonfly: the class that implements the proposed solution. It acts as the initiator agent, Alice; the respondent agent, Bob, follows the same steps provided by this class. First, a random value rA is selected from {1,…,q}, where q is the subgroup order shown in Table 2. The passed P and N are used with rA to calculate the scalar sA, the element E and the hash value A, and these values are then used to calculate the shared secret key. MD5 is used as the hash function.
This class includes seven methods:
- EnhancedDragonfly: the constructor, which takes p_modular and q as parameters.
- scalar_operation: calculates the scalar operation sA = rA + N.
- element_operation: calculates the element operation E = P^(-N).
- sending_operation: calculates and sends the hash value A.
- verifying_operation: returns true or false according to the verification of the other party's hash value.
- sharedsecret_computation: calculates the shared secret ss, which is used in the next equation.
- sharedkey_computation: returns the secret key in the form of a hash value.
The class diagram of the project is shown in Figure 3, and Figure 4 presents the input and output of the Enhanced Dragonfly protocol simulation. The values of the important parameters of the simulation are listed in Table 2.
By applying this simulation, the execution time for one participant was found to be only 19 minutes. The experiment was repeated 15 times to measure the total execution time of the enhanced Dragonfly protocol; the average total time is almost 38 minutes. This result serves as evidence for the efficiency of the proposed solution: using two shared passwords does not affect the time needed to exchange the secret keys.
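The two-round exchange from the protocol steps in Section 4 and the seven methods of the EnhancedDragonfly class, as an added Python sketch that is not the paper's Java simulation: it assumes a constructed toy group p = 2039, q = 1019 in place of the 1024-bit modulus and 160-bit subgroup order, derives P and N by hashing the two dictionary words with the MAC-address identities, reads the element as E = P^(-N) and the shared secret as ss = (P^sB · E)^rA, and keeps MD5 only to mirror the simulation. The names derive_passwords, Party and run_exchange are this example's own.

```python
import hashlib
import hmac
import secrets

# Constructed toy FFC group: p = 2q + 1 with q prime, so the quadratic residues mod p
# form a subgroup of prime order q. The paper's simulation uses a 1024-bit p and a 160-bit q.
P_MOD = 2039
Q_ORDER = 1019


def H(*parts) -> bytes:
    """Hash of the '|'-joined encodings of its arguments. MD5 mirrors the paper's
    simulation and is kept here only for that reason."""
    data = b"|".join(x if isinstance(x, bytes) else str(x).encode() for x in parts)
    return hashlib.md5(data).digest()


def derive_passwords(word1: str, word2: str, id_a: str, id_b: str):
    """P: an element of order q derived from the first dictionary word and both identities.
    N: a scalar in [1, q-1] derived from the second word and the respondent identity only."""
    counter = 0
    while True:
        seed = int.from_bytes(H(word1, id_a, id_b, counter), "big") % P_MOD
        P = pow(seed, (P_MOD - 1) // Q_ORDER, P_MOD)  # maps the seed into the order-q subgroup
        if P > 1:  # excludes the trivial elements 0 and 1
            return P, int.from_bytes(H(word2, id_b), "big") % (Q_ORDER - 1) + 1
        counter += 1


class Party:
    """One side of the enhanced Dragonfly exchange; both sides run identical steps."""

    def __init__(self, P: int, N: int):
        self.P, self.N = P, N
        self.r = secrets.randbelow(Q_ORDER - 1) + 1      # random r in [1, q-1]
        self.s = (self.r + N) % Q_ORDER                   # scalar_operation: s = r + N
        self.E = pow(P, (-N) % Q_ORDER, P_MOD)            # element_operation: E = P^-N
        self.E_hash = H(self.E)                           # E' = H(E)

    def sending_operation(self):
        """Message to the peer: (scalar, H(E' | scalar))."""
        return self.s, H(self.E_hash, self.s)

    def verifying_operation(self, s_peer: int, tag_peer: bytes) -> bool:
        """Recompute the peer's tag from our own E'; only a holder of both P and N can form it."""
        return hmac.compare_digest(H(self.E_hash, s_peer), tag_peer)

    def sharedsecret_computation(self, s_peer: int) -> int:
        """ss = (P^s_peer * E)^r = P^(rA * rB), because P^(r_peer + N) * P^-N = P^r_peer."""
        return pow(pow(self.P, s_peer, P_MOD) * self.E % P_MOD, self.r, P_MOD)

    def sharedkey_computation(self, s_peer: int) -> bytes:
        """K = H(ss | E | (sA + sB) mod q)."""
        ss = self.sharedsecret_computation(s_peer)
        return H(ss, self.E, (self.s + s_peer) % Q_ORDER)


def run_exchange(alice: Party, bob: Party):
    """Two-round exchange; returns (K_A, K_B) on success, or None when a tag fails to verify."""
    s_a, tag_a = alice.sending_operation()                # round 1: A -> B
    if not bob.verifying_operation(s_a, tag_a):
        return None
    s_b, tag_b = bob.sending_operation()                  # round 2: B -> A
    if not alice.verifying_operation(s_b, tag_b):
        return None
    return alice.sharedkey_computation(s_b), bob.sharedkey_computation(s_a)


if __name__ == "__main__":
    # Identities are the example MAC addresses from the paper; the words are constructed
    P, N = derive_passwords("correct", "horse", "001CB3098515", "001AB3008600")
    keys = run_exchange(Party(P, N), Party(P, N))
    print("keys match:", keys is not None and keys[0] == keys[1])
```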
4.2. Testing and Analysis of the Enhanced Dragonfly Protocol
Any protocol should be analysed to find the attacks that could occur against it and to determine how secure it is. Automatic analysis is the most recent approach to analysing security protocols and is more efficient than manual analysis; the time needed to write the protocol description depends on learning the tool's language, and all possible attacks are then tested by the tool. Automatic analysis is used in this research. Various tools analyse security protocols and check whether any attack can occur when the protocol is put to use. One example is the Scyther tool, which supports evaluating protocols with respect to adversary-compromise models and has led to the automatic detection of many attacks that previously could only be found by manual analysis [22].
4.2.1. Description of Scyther Tool and SPDL
Scyther [23] is one of the most efficient analysis tools compared with others [24]. It was found to discover attacks more efficiently than other tools, to verify protocols with an unbounded number of sessions, and to run faster. Many protocols have been analysed with it, such as the IKEv1 and IKEv2 protocol suites, the ISO/IEC 9798 family of authentication protocols and the MQV family of protocols.
The Scyther tool takes a protocol description as input and outputs a summary report stating whether each claim is true or false and whether any attack was found, and optionally visual graphs in the dot language of the GraphViz library or XML representations describing the trace patterns [25]. Additionally, a set of Python bindings for the Scyther command-line tool provides a convenient means to script Scyther experiments. Figure 5 shows how the tool works.
Security Protocol Description Language (SPDL) is the language used in Scyther to write a protocol [26]. It is just expressive enough to capture the most relevant security protocols in an abstract way, which allows high-level reasoning methods and tools that apply to a large class of protocols. SPDL is used to define existing protocols that use symmetric or asymmetric encryption. It has three scopes: global scope (the largest), protocol scope (smaller than global) and role scope (the smallest). It also includes the initial knowledge required to execute a role (each agent's role is a sequence of events, such as sending or receiving a message), and the declaration of functions, global constants and variables.
4.2.2. SPDL of Enhanced Dragonfly Protocol and Analysis Result
In this sub-section, the SPDL representation of Enhanced Dragonfly protocol will be explained in detail. After that, the findings from this analysis will be discussed. The SPDL code of the enhanced dragonfly is displayed in Figure 6. First of all, a global hash function H1 & H2 has been defined (outside the protocol definition) to make it available to be accessed by all rolls in the protocol. Also, the functions of multiplication mult, addition add,
exponential exp and the inverse inv were defined globally. Function is a special type which defines a function term that can take a list of variables. By default, it behaves like a hash function: given the term H1(x) where H1 is of type Function, it is impossible to derive x. These functions are defined in an abstract way in SPDL, which doesn’t support any real equations.
Next, the protocol description starts with the keyword protocol which takes the role names as parameters.There are three rolls, namely; the key generator center (role KGC), the initiator (role A) and the respondent (role
• Key generator center role KGC [27]: Used here to pass the shared secret password P and N to role A and B. The way of generation, which is used to generate these shared passwords, doesn’t take a place here in the tool because the tool depends on the structure of the protocol only. The shared secret passwords P&N have been identified as constants and their scope is within the protocol because they should be used inside all
• Initiator role A:
This role starts the communication that computes the shared secret key. The selection of the random value rA by Alice (the initiator), which is the first step of the protocol structure (see Figure 2), is expressed with the fresh declaration that SPDL uses to obtain random values. Nonce is a standard data type that is commonly used in the Scyther tool.
The scalar value SA, the element value E and the hash value A1 are calculated with the predefined functions, and SA and A1 are then sent to role B.
Note: the labels on recv and send events are needed to disambiguate similar occurrences of events in a protocol specification. They also link each send event with its corresponding recv event [28].
In the receive event of role A, the hash value of B and the scalar value SB are stored in a Ticket variable, which can be substituted by any term. Role A then verifies whether these values came from role B by using the match function. The definition of match [29] ensures that the new variable assignment is equivalent to the old one, and it returns true or false. If the returned value is true, the next steps are computed; otherwise role A concludes that the value did not come from the honest agent and closes the session.
The computed secret key must remain secret, so a claim of type secret is used. The main idea behind claim events is locality [28] [29]: a claim asserts that a term is not in the adversary's knowledge, nor known to any particular role in a run. Secrecy means that if an agent communicates only with non-compromised agents, the term remains secret in every trace of the protocol; in other words, certain information is not revealed to an adversary even though it is communicated over an untrusted network. Here, a claim event is used to assert that the session key is secret and known to role A only. When the tool runs, it tries to find a corresponding attack for each claim.
• Respondent Role B:
Generates the random value rB with a fresh declaration.
Calculates the scalar SB, the element E and the hash value B1, and sends them to role A.
Verifies the hash value received from role A by comparing it with the match function.
If the match succeeds, B calculates the secret session key and claims it with the secret type.

The SPDL of the protocol is fed into the Scyther tool to see whether any attack could occur or whether there is any structural weak point in the proposed protocol. The analysis reports that NO attack was found. All roles are verified, which means that no impersonation can occur during the connection and that the properties of the protocol structure hold. This means that the way the data is exchanged is totally secure. The result is shown in Figure 7 and Figure 8.
5.1. Off-Line Attack Simulation
The Attack class was applied to the simulation project described earlier. This class works by measuring the time taken to check all possible passwords as the dictionary size varies from 100 and 1000 to 100,000 words. Each experiment was performed 5 times to obtain the search time of the Attack class, and the average value was taken. The average search time against the enhanced protocol increased linearly with the dictionary size. The average off-line search time for a dictionary of 10,000 words is more than 1.5 days, whereas against the original Dragonfly protocol [12] the off-line search algorithm took an average of 25 seconds to find the correct password with the same dictionary length. The reason is that the enhanced protocol introduces an exponential relationship between the two secret passwords in the computation of the element variable, so the attacker is forced to search for two words instead of one. Comparing the time required to search for one password with the time required to search for two, the experiment found that the time increased exponentially. Such an attack on the patched Dragonfly protocol requires a few days to succeed. However, here the execution time will have an impact on the efficiency of the key exchange technique. Table 3 shows a linear relationship between the dictionary size and the time taken to try all passwords.
5.2. Comparison between Enhanced Dragonfly and Patched Dragonfly Protocols
The enhanced Dragonfly protocol is very similar to the patched Dragonfly protocol except for two minor changes. First, the patched protocol uses only one shared password plus a public key, while the enhanced protocol uses two shared passwords. Second, the initiator and the respondent exchange only two rounds in the enhanced protocol, compared with four rounds in the patched protocol. Moreover, the patched Dragonfly incurs additional computational cost because it uses a public key validation, whose large key size leads to large bit operations. This can decrease the protocol's efficiency and make it less appealing than its competitors [12]. In the enhanced Dragonfly protocol, by contrast, the execution takes less time. To measure the execution time of the enhanced Dragonfly protocol, we used the simulation project to compute the time required by the key generation center with a dictionary size of 10,000, plus the time required by the initiator party to execute the computations of the protocol. The cost of both the patched and the enhanced Dragonfly protocol for each participant is listed in Table 4, and based on these time measurements we observed that using two shared passwords is more efficient than using a public key.
A limitation of this research is that these results were obtained on a normal-speed machine running the 64-bit Windows 8.1 Pro operating system with a 2.38 GHz processor, which is not the case in a real-time attack. Furthermore, an attacker is likely to shorten the exhaustive search time significantly by distributing the computation over several high-performance machines.
In this research we showed that the Dragonfly protocol can be enhanced, in a way other than public key validation, to make it secure against off-line dictionary attacks. The proposed solution applied to the original Dragonfly protocol relies on two shared secret passwords, P and N. It works by introducing an exponential relationship between these passwords and by performing the authentication process in two rounds only instead of four, which improves its efficiency. The public key validation proposed in the patched protocol adds a computational cost to its execution that makes it less efficient. In addition, the execution time of the enhanced Dragonfly protocol and the time of an off-line dictionary attack were measured in the developed simulation project. As a result of this simulation, the time required to execute the enhanced protocol for one of the parties was 19 ms, while it was 64 ms in the patched protocol.
Abstract
Keywords: Password-Authenticated Key Exchange (PAKE); Original Dragonfly; Patched Dragonfly; Enhanced Dragonfly; Two Pre-Shared Passwords
1 Introduction
Nowadays, information grows at an ever faster rate, and it needs protection when it is exchanged over insecure networks. The most effective way to protect this information is cryptology, the science of constructing and analysing ciphers. It comprises cryptography and cryptanalysis: cryptography is the construction of ciphers, and cryptanalysis is the science of analysing these codes [1]. There are two types of ciphers:
There are different types of 2PAKE protocols. In 1992 the first 2PAKE protocol, called Encrypted Key Exchange (EKE), was proposed by Bellovin and Merritt. Since then many other 2PAKE protocols have been proposed. One of them is Dragonfly, by Dan Harkins, who claimed that the protocol resists passive attacks, active attacks and off-line dictionary attacks, without giving a security proof. In 2013 Dylan and Feng analysed the protocol and showed that its security against active attacks and off-line dictionary attacks has weaknesses. They proposed Patched Dragonfly as a solution, which adds a public key validation to verify its security properties.
2 Related Work
The most recent research on PAKE protocols uses a public key infrastructure (PKI) in the authentication process. In recent years, PAKE schemes have used the RSA encryption algorithm to provide appropriate confidentiality between the two parties. In [16] a new protocol called E3PAKE-RSA was proposed. It is based on the three-party model and enables two entities, each of which only has to remember one human-memorable password, to authenticate each other and agree on a large session key with the help of a trusted server using the RSA scheme. The public/private key parameters are chosen by the client rather than by a trusted distribution center, which removes the on-line authentication step from the process. It was predicted that the computational cost of this protocol would be comparable to that of two-party RSA-PAKE. In the testing phase, applied to the generic structure, the computational cost of the E3PAKE-RSA protocol turned out to be the same as that of two-party RSA-PAKE, with fewer rounds in total. In fact, this protocol needs more time to execute because of its use of RSA encryption and long bit operations, whereas other PAKE protocols that do not use a PKI run faster.
3 Overview of the Dragonfly Protocol
Dragonfly is a key exchange protocol used for mutually authenticated exchange of a session key between two parties inside a mesh network. It was defined by Dan Harkins [12]. A finite cyclic group is required to implement Dragonfly, such as finite field cryptography (FFC) or elliptic curve cryptography (ECC) [17]. This paper uses FFC to implement the protocol. A finite field is "a field F that contains a finite number of elements; the number of elements is the order of F" [18]. More details on finite fields are available in [18]. In this section we explain the Dragonfly protocol in detail in order to show the attacks on it; the solution that follows is the one proposed in [12].
4 Proposed Solution
2) Both parties perform the scalar and element operations on the basis of a scalar r chosen at random from Q. Each party then computes his or her scalar as s(A,B) = r(A,B) + N and the element as E = P^(−N).
3) Both parties compute the hash value of E, H(E).
5) Afterwards, each party computes the shared secret SS = (P^(SB) · E)^(RA).
6) Then the shared key is created as K = H(SS | E | (SA + SB) mod q).
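As an added worked example (not code from the paper's Java simulation project), the following Python runs steps 2 to 6 for both parties over a constructed toy finite field and checks that they derive the same key. The derivation of P and N from the two passwords, and the use of H(E) as the hash value each side checks, are assumptions made here because the page does not spell them out.

```python
import hashlib
import secrets

# Constructed toy group (illustration only; the paper's runs use the large
# subgroup order q of its Table 2). p = 2q + 1 and g = 4 generates the
# order-q subgroup of Z_p^*, so P^(s mod q) == P^s for any element P.
p, q, g = 1019, 509, 4


def h(*parts):
    """H(...): SHA-256 over the fixed-width concatenation of the operands."""
    data = b"".join(x.to_bytes(64, "big") for x in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def shared_secrets(pw1, pw2):
    """Assumed derivation of the two pre-shared secrets (not given on the page):
    P is a password element in the order-q subgroup, N a scalar in [1, q-1]."""
    hp = int.from_bytes(hashlib.sha256(pw1.encode()).digest(), "big")
    hn = int.from_bytes(hashlib.sha256(pw2.encode()).digest(), "big")
    return pow(g, hp % (q - 1) + 1, p), hn % (q - 1) + 1


class Party:
    """One side of the exchange: scalar s = r + N, element E = P^(-N)."""

    def __init__(self, P, N, r=None):
        self.P, self.N = P, N
        self.r = r if r is not None else secrets.randbelow(q - 1) + 1  # fresh nonce
        self.s = (self.r + N) % q                     # scalar_operation: r + N
        self.E = pow(pow(P, N, p), -1, p)             # element_operation: P^(-N) mod p
        self.commit = h(self.E)                       # hash value H(E) sent with s

    def key(self, peer_s, peer_commit):
        """Round 2 on receipt of (peer_s, peer_commit); None means the 'match' failed."""
        if peer_commit != self.commit:                # peer does not hold the same P, N
            return None
        ss = pow(pow(self.P, peer_s, p) * self.E % p, self.r, p)  # (P^sB * E)^rA
        return h(ss, self.E, (self.s + peer_s) % q)  # K = H(SS | E | (sA + sB) mod q)


def run_exchange(pw1, pw2):
    """Two-round exchange between an initiator and a respondent holding pw1, pw2."""
    alice, bob = Party(*shared_secrets(pw1, pw2)), Party(*shared_secrets(pw1, pw2))
    k_a = alice.key(bob.s, bob.commit)     # Alice receives (SB, B1)
    k_b = bob.key(alice.s, alice.commit)   # Bob receives (SA, A1)
    return k_a, k_b
```

Because E = P^(−N) cancels the N hidden in the peer's scalar, both sides end with P^(rA·rB) and therefore the same K, while a peer holding different passwords fails the match check before any key is derived.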
4.1 Protocol Testing Method
A simulation project was developed to test the time required to execute the protocol compared with the patched Dragonfly protocol. It was written in Java and maintained in NetBeans. The project was run on a 64-bit Windows 8.1 Pro operating system with a 2.38 GHz processor. The project includes three different classes:
• id_a and id_b are the identities of the initiator and the respondent. The identity is the MAC address, for example id_a = 001cb3098515, id_b = 001ab3008600.
3) EnhancedDragonfly: the class that executes the scheme. It acts as the initiator, which is Alice. The respondent agent, which is Bob, follows the same steps provided by this class. First, a random value rA is selected from {1, …, q}, where q is the subgroup order shown in Table 2.
2) scalar_operation: computes the scalar operation, SA = RA + N
3) element_operation: computes the element operation, E = P^(−N)
4.2 Testing and Analysis of the Enhanced Dragonfly Protocol
4.2.1 The Scyther Tool and Protocol Description
Any protocol should be analysed to see whether any possible attack can be found and how secure it is. Automated analysis is the most recent approach to security protocol analysis, and it is more efficient than manual analysis. The time required to write the protocol description depends on learning the description language. All possible attacks are tested by the tool. Automated analysis was used in this research. Various tools exist for analysing security protocols and checking the possibility of any attack occurring once the protocol is put into use. One example is the Scyther tool, whose support for these corruption models has led to the automatic detection of many attacks on protocols that previously could only be found by manual analysis [22].
Scyther is one of the most efficient analysis tools compared with the alternatives. It has been found that this tool finds attacks more effectively than others, and it can also verify protocols with an unbounded number of sessions. Its running time is also shorter. Many protocols have been analysed with it, such as the IKEv1 and IKEv2 protocols, the ISO/IEC 9798 family of authentication protocols and the MQV protocol family. The Scyther tool takes a protocol description as input and outputs a report stating whether the claims are true or false and whether any attack was found, and optionally an XML description of the trace patterns [25] or a visual graph of the trace patterns in the dot graph description language of the graphviz library. In addition, a set of Python bindings for the Scyther command-line tool provides a convenient way to script Scyther experiments. Figure 5 shows the tool.