检测类型缺陷的形式化构造攻击方法
针对密码认证协议的类型缺陷问题, 细粒度地刻画了该类协议的消息类型结构特征, 提出并证明了类型缺陷攻击存在性定理, 基于原子消息加密数据结构及串空间模型提出了检测类型缺陷的形式化构造攻击方法, 应用于密码认证协议的形式化分析, 找到了一系列关于该类协议的类型缺陷攻击, 指出了产生类型缺陷的根本原因以及修正措施, 为了使密码协议设计渐趋精细化、标准化、科学化, 给出了无消息-类型同态性、相似性、等价性等密码协议设计准则, 突破了消息类型复杂多样、类型缺陷难以检测的密码协议设计关键技术. 以Yahalom-Paulson协议为例, 分析说明该方法的具体应用, 检测出了该协议存在的两类类型缺陷攻击....
Saved in:
| Published in | Journal of Cryptologic Research Vol. 8; no. 6; p. 1058 |
|---|---|
| Main Authors | , , , |
| Format | Journal Article |
| Language | Chinese |
| Published |
Beijing
Chinese Association for Cryptologic Research, Journal of Cryptologic Research
01.01.2021
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2097-4116 |
| DOI | 10.13868/j.cnki.jcr.000496 |
Cover
| Abstract | 针对密码认证协议的类型缺陷问题, 细粒度地刻画了该类协议的消息类型结构特征, 提出并证明了类型缺陷攻击存在性定理, 基于原子消息加密数据结构及串空间模型提出了检测类型缺陷的形式化构造攻击方法, 应用于密码认证协议的形式化分析, 找到了一系列关于该类协议的类型缺陷攻击, 指出了产生类型缺陷的根本原因以及修正措施, 为了使密码协议设计渐趋精细化、标准化、科学化, 给出了无消息-类型同态性、相似性、等价性等密码协议设计准则, 突破了消息类型复杂多样、类型缺陷难以检测的密码协议设计关键技术. 以Yahalom-Paulson协议为例, 分析说明该方法的具体应用, 检测出了该协议存在的两类类型缺陷攻击. 理论推导和实例分析表明, 经过该方法分析修正过的密码认证协议在Dolev-Yao模型规范的攻击者能力下能达到可证明安全, 与其它的密码协议形式化工具方法相比较, 该方法有明显的代数结构特征, 而且形式化格式特征突出, 极易判别, 在全面检测密码协议的类型缺陷方面有优势, 发现了一个在公开文献中未曾出现的Wide-Mouth Frog协议的新攻击. |
|---|---|
| AbstractList | 针对密码认证协议的类型缺陷问题, 细粒度地刻画了该类协议的消息类型结构特征, 提出并证明了类型缺陷攻击存在性定理, 基于原子消息加密数据结构及串空间模型提出了检测类型缺陷的形式化构造攻击方法, 应用于密码认证协议的形式化分析, 找到了一系列关于该类协议的类型缺陷攻击, 指出了产生类型缺陷的根本原因以及修正措施, 为了使密码协议设计渐趋精细化、标准化、科学化, 给出了无消息-类型同态性、相似性、等价性等密码协议设计准则, 突破了消息类型复杂多样、类型缺陷难以检测的密码协议设计关键技术. 以Yahalom-Paulson协议为例, 分析说明该方法的具体应用, 检测出了该协议存在的两类类型缺陷攻击. 理论推导和实例分析表明, 经过该方法分析修正过的密码认证协议在Dolev-Yao模型规范的攻击者能力下能达到可证明安全, 与其它的密码协议形式化工具方法相比较, 该方法有明显的代数结构特征, 而且形式化格式特征突出, 极易判别, 在全面检测密码协议的类型缺陷方面有优势, 发现了一个在公开文献中未曾出现的Wide-Mouth Frog协议的新攻击. |
| Author | 张岚 王建华 WANG, Jian-Hua ZHANG, Lan |
| Author_xml | – sequence: 1 givenname: Jian-Hua surname: WANG fullname: WANG, Jian-Hua – sequence: 2 givenname: Lan surname: ZHANG fullname: ZHANG, Lan – sequence: 3 fullname: 王建华 – sequence: 4 fullname: 张岚 |
| BookMark | eNotzb1Kw0AAwPEbKlhrX8DVOfG-P0YpfkHBpXu5u9xBoyQ1sXuHgkMFFy3YoYg-gYiIpj5OLvQtFHT6b7__DmhleeYA2EMwRkRyeZDGNrsYxaktYgghVbwF2hgqEVGE-DboluXIQMY4kZiiNoDhZRre581rVa_mzfpr8_jRLGf193O9vqtvF2E120yfwn1V31Rh8RneHnbBlteXpev-twMGx0eD3mnUPz856x32ozGTMHLOGaWFFdp6ir311hgrtXdC0IQib4QSnBHKZEKJglw5xaVmidVGJcgq0gH7f-y4yK8mrrwepvmkyH6PQyyVIhBTyMkPwelZPA |
| ContentType | Journal Article |
| Copyright | 2021. This work is published under http://www.jcr.cacrnet.org.cn/EN/column/column4.shtml Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: 2021. This work is published under http://www.jcr.cacrnet.org.cn/EN/column/column4.shtml Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | JQ2 |
| DOI | 10.13868/j.cnki.jcr.000496 |
| DatabaseName | ProQuest Computer Science Collection |
| DatabaseTitle | ProQuest Computer Science Collection |
| DatabaseTitleList | ProQuest Computer Science Collection |
| DeliveryMethod | fulltext_linktorsrc |
| GroupedDBID | -SI -S~ ALMA_UNASSIGNED_HOLDINGS CAJEI JQ2 PB1 PB9 Q-- |
| ID | FETCH-LOGICAL-p580-eeeb9a7c7acf42fcfcbbc8afe774d41fb797653458d439069e968a5dcab9d1c93 |
| ISSN | 2097-4116 |
| IngestDate | Mon Jun 30 14:59:51 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Issue | 6 |
| Language | Chinese |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-p580-eeeb9a7c7acf42fcfcbbc8afe774d41fb797653458d439069e968a5dcab9d1c93 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| PQID | 2899302406 |
| PQPubID | 6503834 |
| ParticipantIDs | proquest_journals_2899302406 |
| PublicationCentury | 2000 |
| PublicationDate | 20210101 |
| PublicationDateYYYYMMDD | 2021-01-01 |
| PublicationDate_xml | – month: 01 year: 2021 text: 20210101 day: 01 |
| PublicationDecade | 2020 |
| PublicationPlace | Beijing |
| PublicationPlace_xml | – name: Beijing |
| PublicationTitle | Journal of Cryptologic Research |
| PublicationYear | 2021 |
| Publisher | Chinese Association for Cryptologic Research, Journal of Cryptologic Research |
| Publisher_xml | – name: Chinese Association for Cryptologic Research, Journal of Cryptologic Research |
| SSID | ssib055638241 ssib058688234 |
| Score | 2.2505858 |
| Snippet | 针对密码认证协议的类型缺陷问题, 细粒度地刻画了该类协议的消息类型结构特征, 提出并证明了类型缺陷攻击存在性定理, 基于原子消息加密数据结构及串空间模型提出了检测类... |
| SourceID | proquest |
| SourceType | Aggregation Database |
| StartPage | 1058 |
| SubjectTerms | Atomic structure Authentication Authentication protocols Cryptography Data structures Defects Design standards Existence theorems Flaw detection Homomorphisms Messages Protocol |
| Title | 检测类型缺陷的形式化构造攻击方法 |
| URI | https://www.proquest.com/docview/2899302406 |
| Volume | 8 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVPQU databaseName: ProQuest Central issn: 2097-4116 databaseCode: BENPR dateStart: 20140101 customDbUrl: http://www.proquest.com/pqcentral?accountid=15518 isFulltext: true dateEnd: 99991231 titleUrlDefault: https://www.proquest.com/central omitProxy: true ssIdentifier: ssib055638241 providerName: ProQuest |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnR3LihNBsInZixdRVHyssgfb26zz6J7pPs5kZwlLiCJZCF7CTE8PPiDGmBzc0x4WPKzgRRf0sIh-gYiIZv2cTNg_8GjVzOSBG3xdhqKmp7sqVd1VdOpByA3hOSxJJOw0HZkGA5sFW0q74MixNOJMYcNbjLZouvVtttXm7Urlx0LU0nAQr6udpXkl_yNVwIFcMUv2HyQ7mxQQAIN84QkShudfyZiGLvUdDFYAIOBUBDT0aGDRAABOZTjF1Gjg01BSKWngIUb6VDAcE2xQ386BGhWbCIgalS5OiJ8z_Arm9_MlJCtnFl4OuDgykPnqDi3aWC7xdGv9Z71BccjOIv1mxsAvkqa2QE2N-nBmJO7VyxeNufoi4aLgieP6yBPQsgHI-ZCcEyQXABv4XLzWsK1frjWwe7jG0ixzJc3jLpdRXPzX8Gem8lPVNqVnMKtI8JyaALGg6YvHOTifYqmdcYQrckOjuo8erD9U_bzqq1xS1Lt5u7O53Wh0WmG7dbP3xMB-ZxgXUDZ_OUVWbLBHZpWsBGHzzt3pWYh124Q9d1U5LCjsPEhixkGZA4a03DpByQnfIneYWmfJmfKnWvMLtT1HKjv3zxMz-7Cbfd6ffByND_cnR9-O33yZvN0bf38_Pno5fnGQHe4d777LXo3Gz0fZwdfs0-sLpLUZtmp1o2zaYfS4MA2tdSwjT3mRSpmdqlTFsRJRqmHzJ8xKYw_8X-4wLhJwhU1XaumKiCcqimViKelcJNXu466-RNZipcyEmUolice0tOIo4tiwWWkWKcHdy2R1ymGn3JRPO3h_4GDdPvfK719fJafnardKqoP-UF8D_3IQXy9F8RP7J3cg |
| linkProvider | ProQuest |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=%E6%A3%80%E6%B5%8B%E7%B1%BB%E5%9E%8B%E7%BC%BA%E9%99%B7%E7%9A%84%E5%BD%A2%E5%BC%8F%E5%8C%96%E6%9E%84%E9%80%A0%E6%94%BB%E5%87%BB%E6%96%B9%E6%B3%95&rft.jtitle=Journal+of+Cryptologic+Research&rft.au=WANG%2C+Jian-Hua&rft.au=ZHANG%2C+Lan&rft.au=%E7%8E%8B%E5%BB%BA%E5%8D%8E&rft.au=%E5%BC%A0%E5%B2%9A&rft.date=2021-01-01&rft.pub=Chinese+Association+for+Cryptologic+Research%2C+Journal+of+Cryptologic+Research&rft.issn=2097-4116&rft.volume=8&rft.issue=6&rft.spage=1058&rft_id=info:doi/10.13868%2Fj.cnki.jcr.000496&rft.externalDBID=NO_FULL_TEXT |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2097-4116&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2097-4116&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2097-4116&client=summon |