摘要
以认证测试方法为基础提出一种检测模型,通过对消息类型的检测和核对能够明确消息的初始产生主体,进而对主体的身份进行认证。将检测模型同认证测试方法相结合,能够克服原有认证测试方法缺乏判断消息初始产生者的缺点,从而在安全协议的分析中能够检测出协议可能存在的安全漏洞。通过对Neuman-Stubblebine协议的安全性验证表明,该方法能够有效地检测到原认证测试方法无法发现的类型攻击。
This paper proposes a new checking model based on the authentication tests for security protocol analysis. With the model, each component of the ciphertext is verified to determine its originator, so that the replayed attack can be detected in time. The combination of the check model and authentication tests can overcome the deficiency of the original authentication tests in detecting message replay attacks. The proof of neuman-stubblebine protocol shows that the checking model can detect the type flaw attack efficiently, while the original authentication tests cannot.
出处
《计算机工程》
CAS
CSCD
北大核心
2007年第13期1-3,39,共4页
Computer Engineering
基金
国家"863"计划基金资助项目(2002AA145090
2005AA145110)
