计算机工程 ›› 2011, Vol. 37 ›› Issue (12): 127-129.doi: 10.3969/j.issn.1000-3428.2011.12.043

• 安全技术 • 上一篇    下一篇

基于攻击者行为能力的SVO协议分析

刘志猛   

  1. (山东工商学院计算机科学与技术学院,山东 烟台 264005)
  • 收稿日期:2010-11-10 出版日期:2011-06-20 发布日期:2011-06-20
  • 作者简介:刘志猛(1974-),男,讲师,主研方向:信息安全
  • 基金项目:
    国家自然科学基金资助项目(60773053, 60970088)

Analysis of SVO Protocol Based on Attacker Behavior Capability

LIU Zhi-meng   

  1. (School of Computer Science and Technology, Shandong Institute of Business and Technology, Yantai 264005, China)
  • Received:2010-11-10 Online:2011-06-20 Published:2011-06-20

摘要: SVO原逻辑不适用于证明基于证书的认证与密钥交换协议安全性问题。为此,提出2个SVO逻辑相关公理,对证书真实性与会话密钥安全性进行判断及验证,并结合Dolev-Yao安全模型,从攻击者行为能力的角度评估密码协议的安全性。经分析证明Mangipudi协议未能提供前向安全且存在假冒攻击的安全缺陷,因此给出一个在Dolev-Yao安全模型下可证明安全的解决方案。

关键词: 安全协议, SVO逻辑, 攻击者行为能力, 认证协议

Abstract: According to the fact that SVO logic lacks relative axioms of judging and verifying the validity of certificates and the security proof of authenticated exchange protocols, this paper advices to estimate the protocols security from the aspect of ability of attackers by combining Dolev-Yao threat model with the extension of SVO logic which proves that Mangipudi protocol is not immune from impersonation attack and has no the security property of forward secrecy. Then a provable security scheme which overcomes all above flaws in the Dolev-Yao threat model is proposed.

Key words: secure protocol, SVO logic, attacker behavior capability, authentication protocol

中图分类号: