摘要： Athena分析方法由于没有抽象更多的密码学原语，因此不能分析较复杂的安全协议。该文针对互联网密钥交换协议(IKEv2)，对Athena方法进行了扩展：修改消息项结构，扩展密码学原语，使其能分析DH（Diffie-Hellman）密钥协商问题，修改内在项关系，使其能应对更复杂的消息构造情况，并对相关命题和定理进行了证明。根据扩展后的Athena方法，对IKEv2协议的秘密性和认证性等进行了分析，对协议的特点作了进一步讨论。

关键词: 串空间, Athena, DH密钥协商, IKEv2协议

Abstract: Athena approach can not analyze some complex security protocols because of its poor cryptographic primitives. This paper extends theory of Athena approach according to IKEv2 protocol. In the structure of message terms, some cryptographic primitives are added to handle DH key agreement, and the in-term relation is modified to deal with complex message structure. In addition, the secrecy, authentication and some other properties of IKEv2 protocol are analyzed with the proposed approach.

Key words: Strand spaces, Athena, DH key agreement, IKEv2 protocol