计算机工程 ›› 2008, Vol. 34 ›› Issue (17): 176-177.doi: 10.3969/j.issn.1000-3428.2008.17.062

• 安全技术 • 上一篇    下一篇

Yahalom协议及其变体的时序缺陷分析与改进

陶宏才,何大可   

  1. (西南交通大学信息科学与技术学院,成都 610031)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-09-05 发布日期:2008-09-05

Analysis and Improvement of Sequence Flaw for Yahalom Protocol and Its Variants

TAO Hong-cai, HE Da-ke   

  1. (School of Information Science & Technology, Southwest Jiaotong University, Chengdu 610031)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-09-05 Published:2008-09-05

摘要: 研究Yahalom协议及其变体,发现该系列协议存在的时序缺陷,给出一种利用此缺陷攻击Yahalom协议及其变体的方法。尽管Yahalom协议历经几次修改,且被证明不存在密钥泄露问题,但Yahalom协议及其变体仍然存在以前没有被关注过的时序缺陷。该文从时序角度对Yahalom-Paulson协议进行改进。改进后的协议保持了原协议的安全性,同时能抵御原来因时序缺陷所引起的攻击。

关键词: 安全协议, Yahalom协议, 协议时序, 时序缺陷, 安全攻击

Abstract: This paper researches the Yahalom protocol and its variants, finds a sequence flaw existing in them and provides a kind of method to attack them by using the flaw. The Yahalom protocol has been revised several times, and no key-compromise problem is proved in the final Yahalom-Paulson protocol, but the Yahalom protocol and its variants still have the sequence flaw which has never been paid attention before. The Yahalom-Paulson protocol is improved from the angle of sequence. The improved Yahalom-Paulson protocol preserves the security of the original protocol, and can resist the attack caused by the sequence flaw.

Key words: security protocol, Yahalom protocol, protocol sequence, sequence flaw, security attack

中图分类号: