一个端对端安全协议的缺陷分析

Security analysis of station-to-station security protocol

下载PDF

导出

摘要针对串空间理论的不足,在相关研究的基础上,加入了Diffie-Hellman操作的密码原语,扩展了理想和诚实的概念,拓展了串空间理论的分析范围。分析了一个端对端安全协议的核心安全特性,即保密性和认证特性,使用扩展的串空间理论分析得出该协议不能满足认证性,给出该协议的一个攻击和改进方法。 This paper added Diffie-Hellman cryptographic primitives into strand space aim at the weak of the strand space.Extended the honest and ideals concepts of the strand space,which extended the scope of the strand space.Analyzed the core security property of a station to station protocol,confidentiality and authentication.Used the extended strand space to analysis the protocol and deduced this protocol could not meet the authentication property.Descripted an attack and an improvement of this protocol.

作者陈建熊孙乐昌束妮娜

机构地区合肥电子工程学院网络工程系

出处《计算机应用研究》 CSCD 北大核心 2009年第12期4793-4796,共4页 Application Research of Computers

关键词串空间 DIFFIE-HELLMAN密钥交换数字签名理想 strand space Diffie-Hellman key exchange digital signature ideal

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献9

1THAYER F,HERZOG J C, GUTTMAN J D. Strand space:Why is a security protocol correct [ C ]//Proc of IEEE Symposium on Security and Privacy. Los Alamitos :IEEE Computer Society Press,1998:161-171.
2THAYER F, HERZOG J C, GUTTMAN J D. Strand spaces: proving security protocols correct[ J ]. Journal of Computer Security, 1999, 7(2/3) :191-230.
3SONG D. Athena:a new efficent automatic checker for security protocol analysis[ C ]// Proc of the 12th IEEE Computer Security Foundations Workshop, Los Alamitos: IEEE Computer Society Press, 1999: 178-194.
4SONG D, BEREZIN S, PERRIG A. Athena: a novel approach to efficient automatic security protocol analysis[ J]. Journal of Computer Security,2001, 9( 1 ) :47-74.
5THAYER F, HERZOG J C, GUTTMAN J D. Honest ideals on strand space [ C ]// Proc of the 11th IEEE Computer Security Foundations Workshop. Los Alamitos : IEEE Computer Society Press, 1998:66- 77.
6沈海峰,薛锐,黄河燕,陈肇雄.串空间理论扩展[J].软件学报,2005,16(10):1784-1789. 被引量：16
7HERZOG J C. The Diffie-Hellman Key-agreement scheme in the strand-space model [ C ]//Proc of IEEE Computer Security Foundations Workshop. Pacific Grove, California: IEEE Computer Society Press, 2003:234-248.
8DIFFIE W, VAN OORSCHOT P C, WIENER M J. Authentication and authenticated key exchanges[ J]. Designs, Code and Croptography, 1992, 2 ( 2 ) : 107-125.
9LOWE G. Some new attacks upon security protocol[ C]//Proc of the 9th IEEE Security Foundations Workshop. Los Alamitos:IEEE Computer Society Press, 1996: 162-169.

二级参考文献11

1Fábrega FJT, Herzog JC, Guttman JD. Strand spaces: Proving security protocols correct. Journal of Computer Security, 1999,7(10):191-230.
2Fábrega FJT, Herzog JC, Guttman JD. Authentication tests. In: Titsworth FM, ed. Proc. of the 2000 IEEE Symp. on Security and Privacy (S&P 2000). Los Alamitos: IEEE Computer Society Press, 2000. 96-109.
3Fábrega FJT, Herzog JC, Guttman JD. Mixed strand spaces. In: Guttman J, ed. Proc. of the 12th IEEE Computer Security Foundations Workshop. Los Alamitos: IEEE Computer Society Press, 1999.72-82.
4Dolev D, Yao A. On the security of public-key protocols. IEEE Trans. on Information Theory, 1983,29(2):198-208.
5Maneki AP. Honest functions and their application to the analysis of cryptographic protocols. In: Guttman J, ed. Proc. of the 12th IEEE Computer Security Foundations Workshop. Los Alamitos: IEEE Computer Society Press, 1999. 83-89.
6Anderson R, Needham R. Robustness principles for public key protocols. In: Coppersmith D, ed. Proc. of the Int'l Conf. on Advances in Cryptology (CRYPTO'95). London: Springer-Verlag, 1995. 236-247.
7Harkins D, Kaufman C, Kent S, Kivinen T, Perlman R. Internet key exchange (IKEv2) protocol. 2003. http:∥www.ietf.cnri.reston.va.us/internet-drafts/draft-ietf-ipsec-ikev2-11 .txt.
8Aiello W, Bellovin SM. Efficient, DOS resistant, secure key exchange for Internet protocols. In: Atluri V, ed. Proc. of the ACM Computer and Communications Security (CCS) Conf. New York: ACM Press, 2002.48-58.
9Fábrega FJT, Herzog JC, Guttman JD. Protocol independence through disjoint encryption. In: Lee S, ed. Proc. of the 13th IEEE Computer Security Foundations Workshop (CSFW-13). Los Alamitos: IEEE Computer Society Press, 2000. 24-34.
10Fábrega FJT, Herzog JC, Guttman JD. Honest ideals on strand spaces. In: Werner B, ed. Proc. of the 11th IEEE Computer Security Foundations Workshop. Los Alamitos: IEEE Computer Society Press, 1998.66-77.

共引文献15

1龙士工.理想在猜测攻击分析中的扩展应用[J].贵州大学学报（自然科学版）,2006,23(3):275-278.
2龙士工,罗文俊,袁超伟,李祥.串空间模型中的口令猜测攻击[J].北京邮电大学学报,2007,30(1):62-65. 被引量：3
3董荣胜,吴光伟,郭云川,古天龙.基于串空间模型的Athena方法的改进[J].计算机工程,2007,33(8):136-138.
4卢凤清,林东岱.认证测试的一个扩展[J].中国科学院研究生院学报,2007,24(4):488-493. 被引量：2
5丁萌伟,周清雷,赵东明.Yahalom-Paulson协议的串空间模型与分析[J].计算机工程与应用,2008,44(22):97-99. 被引量：4
6方燕萍,章晓芳,张广泉.串空间模型及其认证测试方法的一种扩展与应用[J].计算机应用,2008,28(12):3205-3207. 被引量：2
7丁萌伟,周清雷,赵东明.Neuman-Stubblebine协议的串空间模型及分析[J].计算机应用与软件,2009,26(5):37-39. 被引量：2
8陈建熊,孙乐昌.认证测试理论的扩展和应用[J].计算机工程,2009,35(15):162-164. 被引量：2
9陈建熊,孙乐昌,潘祖烈,蔡铭.串空间理论的扩展和应用[J].计算机工程,2009,35(22):137-140.
10龙士工.基于带标记串空间模型的安全协议分析[J].微计算机信息,2010,26(6):14-16.

1陈建熊,孙乐昌,潘祖烈,蔡铭.串空间理论的扩展和应用[J].计算机工程,2009,35(22):137-140.
2简淑云.有限域上的椭圆曲线离散对数及Diffie-Hellman密钥交换[J].中山大学研究生学刊（自然科学与医学版）,2005,26(3):85-89.
3付文华,张敏情,李德龙.一种基于多项式的无线传感器网络密钥管理方案[J].计算机应用研究,2011,28(9):3532-3534. 被引量：1
4张瑜,费文晓,余波.基于RSA的数字签名身份认证技术及其JAVA实现[J].信息安全与通信保密,2005,27(11):99-101. 被引量：2
5宫泽林,徐艳红.大数据时代网络舆情分析与研究[J].黑龙江科技信息,2016(17):169-169. 被引量：3
6谢绒娜,欧海文,李凤华,李晓东.基于椭圆曲线密码体制的可认证的密钥交换协议[J].计算机工程与设计,2009,30(22):5068-5070. 被引量：3
7韩明奎,潘进,刘琼,李波.基于扩展Spi演算的IKEv2协议形式化分析与改进[J].计算机技术与发展,2010,20(8):154-158.
8陈建熊,孙乐昌.认证测试理论的扩展和应用[J].计算机工程,2009,35(15):162-164. 被引量：2
9徐会艳,吴克力,孙庆英.无线自组网中基于身份的口令认证方案[J].计算机工程与应用,2013,49(1):120-123. 被引量：2
10任超群,徐明.基于簇的水声传感器网络的安全认证协议[J].计算机科学,2016,43(10):166-171. 被引量：2

计算机应用研究

2009年第12期

浏览历史

内容加载中请稍等...

一个端对端安全协议的缺陷分析

参考文献9

二级参考文献11

共引文献15

相关作者

相关机构

相关主题

浏览历史