上海交通大学学报(英文版) ›› 2015, Vol. 20 ›› Issue (1): 82-85.doi: 10.1007/s12204-015-1592-0

• • 上一篇    下一篇

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义)   

  1. (1. School of Software Engineering, Beijing University of Technology, Beijing 100124, China; 2. Low Carbon Research Center, Beijing Development Area Co., Ltd., Beijing 100176, China)
  • 出版日期:2015-02-28 发布日期:2015-03-10
  • 通讯作者: XU Chen (徐琛) E-mail:xc_cn@foxmail.com

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义)   

  1. (1. School of Software Engineering, Beijing University of Technology, Beijing 100124, China; 2. Low Carbon Research Center, Beijing Development Area Co., Ltd., Beijing 100176, China)
  • Online:2015-02-28 Published:2015-03-10
  • Contact: XU Chen (徐琛) E-mail:xc_cn@foxmail.com

摘要: This paper introduces the middleman attack methods which are against the remote desktop protocol (RDP), discusses advantages and disadvantages of several current mainstream prevention strategies, and puts forward a new prevention strategy. The strategy, taking advantage of the original key agreement process of the RDP, designs a piecewise authentication scheme of the key agreement. Using the strategy can achieve the purpose of prevention and detection of middleman attacks. Finally, the security of the strategy is analyzed.

关键词: remote desktop protocol (RDP), key agreement, middleman attack, prevention and detection

Abstract: This paper introduces the middleman attack methods which are against the remote desktop protocol (RDP), discusses advantages and disadvantages of several current mainstream prevention strategies, and puts forward a new prevention strategy. The strategy, taking advantage of the original key agreement process of the RDP, designs a piecewise authentication scheme of the key agreement. Using the strategy can achieve the purpose of prevention and detection of middleman attacks. Finally, the security of the strategy is analyzed.

Key words: remote desktop protocol (RDP), key agreement, middleman attack, prevention and detection

中图分类号: