Abstract
Once an adversary has obtained an actor's long-term private key, the adversary can use that key to impersonate other actors in order to deceive that actor, or to obtain secret information. This kind of attack is called an AKC (Actor Key Compromise) attack. Outside of key exchange protocols, AKC attacks have received little attention in research on other types of security protocols. This paper emphasizes the importance of the AKC problem and provides a systematic study of AKC attacks, their attack patterns and countermeasures. Based on experimental analysis, it identifies four AKC attack patterns and proposes three corresponding protocol models and design principles for resisting AKC attacks. Building on these models and principles, it gives a heuristic algorithm that transforms a general protocol into an AKCS protocol (one that keeps its security properties under AKC attacks). As case studies, the algorithm is applied to protocols including Email, SET and Kerberos. The results show that these protocols are vulnerable to AKC attacks, but after transformation by the algorithm they are no longer vulnerable to such attacks.
Source
Computer Systems & Applications (《计算机系统应用》)
2016, No. 10, pp. 18-26 (9 pages)
Funding
National Natural Science Foundation of China (61272135)
Keywords
security protocol
AKC attack
security property
protocol transformation