Otway-Rees协议并行攻击的SG逻辑分析

SG Logic Analysis of Otway-Rees Protocol Interleaving Attack

网络信息安全很大程度上取决于密码协议的安全,重放攻击和并行攻击是对密码协议的常见攻击,能够分析并行攻击的形式化分析方法并不多见。该文介绍了一种分析密码协议并行攻击和重放攻击的逻辑方法——SG逻辑,应用它对改进版的Otway-Rees协议进行了分析,找出了BAN类逻辑所不能分析出来的缺陷,针对该缺陷给出了协议的进一步改进,并推证了改进后的协议对SG逻辑的分析是安全的。

The security of network relies to a great extend on the security of cryptographic protocol, while interleaving attack and replaying attack are very common in everyday time, and there are little methods for analyzing this inaccuracies. This paper introduces a method for dealing with this problem, which is called SG logic. It shows the syntax and the semantic of SG logic in a great detail, finds the fault of Otway-Rees protocol, and gives a method to improve it. At last, it proves that the improved protocol is secure under the given attack.