计算机科学

计算机科学 ›› 2014, Vol. 41 ›› Issue (12): 112-117.doi: 10.11896/j.issn.1002-137X.2014.12.024

• 信息安全 • 上一篇    下一篇

改进Athena算法的多协议攻击自动化验证方法

刘威,郭渊博,雷新锋,李俊锋   

  1. 解放军信息工程大学 郑州450001;数学工程与先进计算国家重点实验室 郑州450001;解放军信息工程大学 郑州450001;数学工程与先进计算国家重点实验室 郑州450001;中国人民解放军第61840部队 北京100097;太原卫星发射中心 太原036300
  • 出版日期:2018-11-14 发布日期:2018-11-14
  • 基金资助:
    本文受国家部委基金项目(9140C130103120C13062)资助

Automatic Verification for Multi-protocol Attacks by Improving Athena

LIU Wei,GUO Yuan-bo,LEI Xin-feng and LI Jun-feng   

  • Online:2018-11-14 Published:2018-11-14

PDF (PC)

527

摘要: 多协议环境下协议安全性问题是安全协议形式化分析验证领域的一个公开问题。针对此问题,在分析Athena算法的基础上提出了一种多协议攻击自动化验证方法。该方法扩展了Athena状态表示方法和后继状态生成算法,使得攻击者具备截取其它协议交互消息和计算生成当前协议消息的能力,能够以自动化的方式验证协议是否存在多协议攻击。实验结果表明,提出的方法能够实现多协议攻击的自动化验证。

关键词: 多协议攻击,自动化验证,安全属性,Athena算法,逆向搜索

Abstract: Protocol security in multi-protocol environments is an open issue in formal analysis for security protocols.Aiming at this problem,an automatic verification for multi-protocol attacks was proposed based on Athena algorithm.The state representation and successor state generation algorithm of Athena are extended,and the attacker can intercept messages from one protocol and insert messages generated by it to another protocol.Some state reduction rules are introduced.The method can verify whether there is a multi-protocol attack.The experiment results show that the method can implement automatic verification for multi-protocol attacks.

Key words: Multi-protocol attacks,Automatic verification,Security properties,Athena,Backwards search

[1] Burrows M,Abadi M,Needham R.A logic of authentication[J].Mathematical and Physical Sciences,1989,426(1871):233-271
[2] Vigano L.Automated Security Protocol Analysis With theAVISPA Tool[J].Electronic Notes in Theoretical Computer Science,2006,155:61-86
[3] Paulson L C.The inductive approach to verifying cryptographic protocols[J].Journal of computer security,1998,6(1):85-128
[4] Fábrega F J T,Herzog J C,Guttman J D.Strand spaces:Proving security protocols correct[J].Journal of computer security,1999,7(2):191-230
[5] Bella G.What is correctness of security protocols?[J].Journal of Universal Computer Science,2008,4(12):2083-2106
[6] Khoury P,Hacid M,Sinha S K,et al.A Study on recent trends on integration of security mechanisms[M]∥Ras Z W,Dardzinska A.Advances in Data Management.Berlin:Springer-Verlag,2009:203-224
[7] Mathuria A,Singh A R,Sharavan P V,et al.Some new multi- protocol attacks[C]∥Proc of the 15th Int Conf on Advanced Computing and Communications.Washington:IEEE Computer Society Press,2007:465-471
[8] Genge B,Haller P.A Syntactic Approach for Identifying Multi-Protocol Attacks[C]∥Ultra Modern Telecommunications and Workshops.Washington:IEEE Computer Society Press,2009:1-5
[9] 杨元原,马文平,刘维博,等.有效的多协议攻击自动化检测系统[J].重庆大学学报,2012,5(2):71-77
[10] Song D,Perrig A,Berezin S.Athena:a novel approach to efficient automatic security protocol analysis[J].Journal of Computer Security,2001,9(1):47-74
[11] Song D.An Automatic Approach for Building Secure Systems[D].Berkeley:University of California at Berkeley,2002
[12] Lowe G.A hierarchy of authentication specifications[C]∥Proc of The 10th Computer Security Foundations Workshop.Wa-shington:IEEE Computer Society Press,1997:31-43
[13] Security protocols open repository[EB/OL].2012-02-11[2013-11-17].http://www.lsv.ens-cachan.fr/Software/spore/table.html
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发