This paper elaborated on the limitation of authentication test theorem, illustrated the fundamental cause of that limitation through examples, then enhanced authentication test to solve this problem, and also proved t...This paper elaborated on the limitation of authentication test theorem, illustrated the fundamental cause of that limitation through examples, then enhanced authentication test to solve this problem, and also proved the soundness of that improvement with formal method. The enhanced theory can deal with protocols with test component as proper subterm of other regular node' s component under certain conditions, and extend the application scope of authentication test. With enhanced authentication test, the automatic protocol verification tools will be more efficient and convenient.展开更多
Since network services are provided cooperatively by multiple servers in the lnternet, the authentication protocols for multiserver architecture are required by Internetbased services, such as online game, online trad...Since network services are provided cooperatively by multiple servers in the lnternet, the authentication protocols for multiserver architecture are required by Internetbased services, such as online game, online trade and so on. Recently, Li et al. analyzed Lee et al.'s protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture. They claimed that their protocol provides user's anonymity, mutual authentication and the session key agreement against several kinds of attacks. In this paper, a cryptanalysis on Lee et al.'s scheme shows that Lee et al's protocol is also vulnerable to malicious server attack, stolen smart card attack and leak-of-verifier attack. Moreover, Li e/ al.'s improved protocol is also vulnerable to all these attacks. Further cryptanalysis reveals that Li et al.'s improved protocol is susceptible to collusion attack.展开更多
基金the National High Technology Research and Development Programme of China(No.863-104-03-01)
文摘This paper elaborated on the limitation of authentication test theorem, illustrated the fundamental cause of that limitation through examples, then enhanced authentication test to solve this problem, and also proved the soundness of that improvement with formal method. The enhanced theory can deal with protocols with test component as proper subterm of other regular node' s component under certain conditions, and extend the application scope of authentication test. With enhanced authentication test, the automatic protocol verification tools will be more efficient and convenient.
基金supported by the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002Young Foundation of Humanities and Social Sciences of MOE (Ministry of Education in China) of under Grant No.11YJCZH160Foundation for Young Scientists of Jiangxi Province of China under Grant No.20133BCB23016
文摘Since network services are provided cooperatively by multiple servers in the lnternet, the authentication protocols for multiserver architecture are required by Internetbased services, such as online game, online trade and so on. Recently, Li et al. analyzed Lee et al.'s protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture. They claimed that their protocol provides user's anonymity, mutual authentication and the session key agreement against several kinds of attacks. In this paper, a cryptanalysis on Lee et al.'s scheme shows that Lee et al's protocol is also vulnerable to malicious server attack, stolen smart card attack and leak-of-verifier attack. Moreover, Li e/ al.'s improved protocol is also vulnerable to all these attacks. Further cryptanalysis reveals that Li et al.'s improved protocol is susceptible to collusion attack.
