一类具有“开端”结构的安全协议分析方法研究

Formal Analysis Approach for a Kind of Open-ended Protocols

下载PDF

导出

摘要开端协议(Open-ended Protocol)的分析是安全协议领域中一个待解决的重要问题,而IKE则是一个有代表性的具有"开端"结构的安全协议。本文基于串空间的Athena方法,针对IKEv2协议中的"开端"结构涉及的DH(Dif-fie-Hellman)问题,增加了群、散列函数等原语,给出并证明了一个新的消减规则;针对"开端"结构,引入了集合的数学概念,建立了新的消息类型,重新定义了串空间中的消息项、替换、入侵者模型,以及Athena相应的内在项、目标和目标绑定,给出了一个新的替代关系。应用扩展后的方法,分析了协议,发现一个新的认证性缺陷,给出了解决该缺陷的方法。 The formal analysis of Open-ended Protocols is one of emerging areas of research. The IKEv2 protocol offers a complex example. Our work is based on Athena which is an efficient automatic checking approach. We introduce set theory to deal with Open-ended structure. The new notion of message terms, substitution and the penetrator model are given and the relevant propositions or theorem such as interm relation, goal and goal-binding are therefore modified and proved. A new relation is proposed which is used in order to keep the character of Athena approach. We also introduce the ability on modeling the DH problem to Athena according to IKEv2 protocol, a new pruning theorem is given and proved. Based on the research, we analyze IKEv2 protocol, and find a new weakness of authentication. An amendment is given.

作者董荣胜吴光伟骆翔宇古天龙

机构地区桂林电子科技大学计算机系

出处《计算机科学》 CSCD 北大核心 2008年第7期45-49,共5页 Computer Science

基金国家自然科学基金(60763004) 广西自然科学基金项目(0542052)的资助

关键词开端协议 DIFFIE-HELLMAN SECURITY ASSOCIATION 串空间 ATHENA Open-ended protocol, Diffie-hellman, Security association, Strand spaces, Athena

分类号 TP393.08 [自动化与计算机技术—计算机应用技术] O1-4 [理学—基础数学]

引文网络
相关文献

参考文献9

1Meadows C. Formal methods for cryptographic protocol analysis : Emerging issues and trends. IEEE Journal on Selected Areas in Communication, 2003,21 (1) : 44-54.
2Bella G, Massacci F, Paulson L C, et al. Formal verification of cardholder registration in SET//Cuppens F, eds. Computer Security-GSORICS 2000. Springer LNCS 1895,2000 : 159-174.
3Bryans J, Schneider S. CBS, PVS, and a recursive authentication- protocol,//Proceedings of the DIMACS Worksho Pon Design and Formal Verification of Security Protocols. 1997:3-5.
4Zhou J. Fixing a security flaw in IKE protocols. Electronics Letters, 1999,35 (13) : 1072-1073.
5Ferguson N, Schneier B. A security evaluation of IPSecffBlaze M, Ioannides J, Keromytis A, et al, eds. The IPSec Papers. Addison-Wesley, to appear.
6Kaufman C. Internet Key Exchange (IKEv2) Protocol. Intemet Draft. http://www. ietf. org/intemet-drafts /draft-ietf-ipsecikev2-11. txt.
7Boneh D. The decision Diffie-Hellman problemffProceedings of the Third Algorithmic Number Theory Symposium, number 1423 in Lecture Notes in Computer Science. Springer-Verlag, 1998:48-63.
8Perrig A,Song D,Berezin S. Athena:a novel approach to effcient automatic security protocol, analysis. Journal of Computer Security, 2001,9(1/2) :47-74.
9Thayer F J, Herzog J C, Guttman J D. Strand spaces:Why isa security protocol correct// Proceedings of 1998 IEEE Symposium on Security and Privacy. 1998:160-171.

1吴光伟,董荣胜.基于串空间的Athena分析技术研究[J].计算机科学,2006,33(8):9-13. 被引量：3
2董荣胜,吴光伟,郭云川,古天龙.基于串空间模型的Athena方法的改进[J].计算机工程,2007,33(8):136-138.
3李超,董荣胜.针对猜测攻击的Athena方法的扩展[J].计算机科学,2007,34(12):65-67.
4张锦,唐亮,龙峰,胡运发.一种基于CLIPS的轻量级规则语言系统实现[J].计算机工程,2004,30(5):55-57. 被引量：1
5李超,董荣胜,郭云川.针对协议组合问题的Athena方法扩展[J].桂林电子科技大学学报,2007,27(4):274-278.
6朱宏峰,刘天华,常桂然.一种组认证密钥协商协议的安全分析及改进[J].东北大学学报（自然科学版）,2007,28(9):1254-1257.
7朱宏峰,刘天华,刘杰,常桂然.一种基于口令的多方密钥协商协议[J].兵工学报,2008,29(2):148-152. 被引量：1
8李广飞(译),赵振江(译),陆柱家(校).寻找更好的散列函数[J].数学译林,2010(3):226-228.
9数码精品[J].数码精品世界,2007(3):18-25.
10曲鼎.天网Athena的惊叹[J].计算机应用文摘,2006(21):87-87.

计算机科学

2008年第7期

浏览历史

内容加载中请稍等...

一类具有“开端”结构的安全协议分析方法研究

参考文献9

相关作者

相关机构

相关主题

浏览历史