A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

doi:10.1007/s12204-015-1592-0

Journal of shanghai Jiaotong University (Science) ›› 2015, Vol. 20 ›› Issue (1): 82-85.doi: 10.1007/s12204-015-1592-0

Previous Articles Next Articles

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义)

(1. School of Software Engineering, Beijing University of Technology, Beijing 100124, China; 2. Low Carbon Research Center, Beijing Development Area Co., Ltd., Beijing 100176, China)
(1. School of Software Engineering, Beijing University of Technology, Beijing 100124, China; 2. Low Carbon Research Center, Beijing Development Area Co., Ltd., Beijing 100176, China)

Online:2015-02-28 Published:2015-03-10
Contact: XU Chen (徐琛) E-mail:xc_cn@foxmail.com

Abstract

Abstract: This paper introduces the middleman attack methods which are against the remote desktop protocol (RDP), discusses advantages and disadvantages of several current mainstream prevention strategies, and puts forward a new prevention strategy. The strategy, taking advantage of the original key agreement process of the RDP, designs a piecewise authentication scheme of the key agreement. Using the strategy can achieve the purpose of prevention and detection of middleman attacks. Finally, the security of the strategy is analyzed.

Key words: remote desktop protocol (RDP)| key agreement| middleman attack| prevention and detection

摘要： This paper introduces the middleman attack methods which are against the remote desktop protocol (RDP), discusses advantages and disadvantages of several current mainstream prevention strategies, and puts forward a new prevention strategy. The strategy, taking advantage of the original key agreement process of the RDP, designs a piecewise authentication scheme of the key agreement. Using the strategy can achieve the purpose of prevention and detection of middleman attacks. Finally, the security of the strategy is analyzed.

关键词: remote desktop protocol (RDP)| key agreement| middleman attack| prevention and detection

CLC Number:

TP 393.04

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义). A Strategy for Middleman Attack Prevention in Remote Desktop Protocol[J]. Journal of shanghai Jiaotong University (Science), 2015, 20(1): 82-85.

[1]	Luo Peng, Zhu Yue-fei. Security of Windows RDP protocol [J]. Computer Engineering, 2007, 33(20):145-147 (in Chinese).
[2]	Guo Hao, Guo Tao. A method of man-in-t he-middle attack based on ARP spoofing [J]. Information Security and Communications Privacy, 2005, 10(1): 66-68(in Chinese).
[3]	Fiat A, Shamir A. How to prove yourself: Practical solutions to identification and signature problems [J].Lecture Notes in Computer Science, 1987, 263: 186-194.
[4]	Shamir A. How to share a secret [J]. Communications of the ACM, 1979, 22(11): 612-613.

[1]	CHIEN Hung-yu (简宏宇). Provably Secure Authenticated Diffie-Hellman Key Exchange for Resource-Limited Smart Card [J]. Journal of shanghai Jiaotong University (Science), 2014, 19(4): 436-439.
[2]	SU Jinhai,LUAN Xin，GUO Yixi,ZHAO Hongtao. A Group Key Agreement Scheme for QKD Networks [J]. Journal of Shanghai Jiaotong University, 2014, 48(10): 1498-1502.

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

Knowledge

Abstract

Cite this article

share this article

References 4

Related Articles 2

Recommended Articles

Metrics

Comments