期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

计算可靠的Diffie-Hellman密钥交换协议自动证明 被引量:14

Computationally sound mechanized proofs for Diffie-Hellman key exchange protocols
下载PDF
导出
摘要 针对Diffie-Hellman密钥交换协议,提出了采用观测等价关系的建模方法,证明了该方法的可靠性,并利用该方法扩展了自动工具CryptoVerif的验证能力。发现了对公钥Kerberos协议自动证明中敌手能力模型的缺陷,并提出了修正方法。利用扩展的CryptoVerif自动证明了基于Diffie-Hellman的Kerberos协议的安全性,验证了该扩展方法的有效性。与现有大部分证明方法不同的是,该证明方法既保留了自动证明工具的易用性,又保证了计算模型下的强可靠性。 A computationally observational equivalence model for the Diffe-Hellman key agreement primitive was pro-posed and the soundness of the model was proved.Compared with prior works,this model can extend the power of the mechanized prover CryptoVerif directly.When applying the model to proving the public-key Kerberos,the deficiency of the adversary's capability was uncovered and an enhanced model for the adversary was presented.The model was vali-dated by verifying the public-key Kerberos in Diffie-Hellman mode with CryptoVerif automatically.Being different from current approaches,the verification procedure is both automatic and computationally sound.
作者 冯超 张权 唐朝京
机构地区 国防科技大学电子科学与工程学院
出处 《通信学报》 EI CSCD 北大核心 2011年第10期118-126,共9页 Journal on Communications
基金 国家自然科学基金资助项目(60872052)~~
关键词 密码协议 Diffie-Hellman原语 KERBEROS协议 自动化证明 security protocols Diffie-Hellman primitives Kerberos protocol mechanized proofs
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献14

  • 1DIFFIE W, HELLMAN M E. New directions in cryptography[J]. IEEE Transactions IEEE Transactions on Information Theory, 1976, IT-22(6):644-654.
  • 2DELICA R, SCHNEIDER S. A formal approach for reasoning about a class of Diffie-Hellman protocols[A]. Proc of Formal Aspects in Security and Trust[C]. Tyne, UK,2005.34-46.
  • 3MILLEN J, SHMATIKOV V. Symbolic protocol analysis with products and Diffie-Hellman exponentiation[A]. 16th IEEE Computer Security Foundations Workshop[C]. Pacific Grove, CA, USA, 2003. 47-61.
  • 4KAPUR D, NARENDRAN P, WANG L. Analyzing protocols that use modular exponentiation: Semantic unification techniques[A]. Proc of RTA[C]. Valencia, Spain, 2003.
  • 5CHEVALIER Y, KUSTERS R, RUSINOWITCH M, et al. Complexity results for security protocols with Diffie-Hellman exponentiation and commuting public key encryption[J]. ACM Trans Comput Logic, 2008 9(4):1-52.
  • 6BRESSON E, LAKHNECH Y, MAZARE L, et al. A generalization of DDH with applications to protocol analysis and computational soundness[A]. Advances in Cryptology-CRYPTO 2007[C]. Santa Barbara, CA, USA,2007.482-499.
  • 7ZHU L, TUNG B. Public Key Cryptography for Initial Authentication in Kerberos (PKINIT)[S]. RFC 4556, 2006.
  • 8BACKES M, CERVESATO I, JAGGARD A D, et al. Cryptographically sound security proofs for basic and public-key kerberos[A]. Proceedings of llth European Symposium on Research in Computer Security[C]. Hamburg, Germany, 2006.362-383.
  • 9LAKHNECH Y, MAZARE L. Computationally Sound Verification of Security Protocols Using Diffie-Hellman Exponentiation[R]. Cryptology Print Archive: Report, 2005/097, 2005.
  • 10DATTA A, DEREK A, MITCHELL J C, et al. Protocol composition logic(PCL)[J]. Electronic Notes in Theoretical Computer Science, 2007, 172:311-358.

同被引文献83

  • 1来学嘉,卢明欣,秦磊,韩峻松,方习文.基于DNA技术的非对称加密与签名方法[J].中国科学:信息科学,2010,40(2):240-248. 被引量:7
  • 2彭华熹.一种基于身份的多信任域认证模型[J].计算机学报,2006,29(8):1271-1281. 被引量:56
  • 3杨绚渊,刘艳,陆建德.一种改进的交叉认证路径构造算法设计[J].计算机工程,2006,32(24):146-148. 被引量:2
  • 4凌晓东.SOA综述[J].计算机应用与软件,2007,24(10):122-124. 被引量:113
  • 5VIGANO L.Automated security protocol analysis with the AVISPAtool[J].Electronic Notes in Theoretical Computer Science,2006,155:61-86.
  • 6ARMANDO A,BASIN D,BOICHUT Y,et al The AVISPA tool for theautomated validation of Internet security protocols and applications[C]//Lecture Notes in Computer Science,vol 3576.Berlin:Springer-Verlag,2005:281-285.
  • 7DOLEV D,YAO A C.On the security of public-key protocols[J].IEEE Trans on Information Theory,1983,29(2):198-208.
  • 8BRADNER S,MANKIN A,SCHILLER J.A framework for purpose-built keys(PBK)[EB/OL].[2013-01-20].http://tools.ietf.org/search/draft-bradner-pbk-frame-06.
  • 9The AVISPA Team.The HLPSL tutorial:a beginner's guide to mode-ling and analysing Internet security protocols[EB/OL].[2013-01-20].http://www.avispa-project.org.
  • 10The AVISPA Team.AVISPA vl.I user manual[EB/OL].[2013-01-20].http://www.avispa-project.org.

引证文献14

二级引证文献56

通信学报
2011年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部