检索结果-南通市图书馆

SeVe： automatic tool for verification of security protocols

Frontiers of Computer Science 2012年第1期6卷 57-75页

作者： Anh Tuan LUU Jun SUN Yang LIU Jin Song DONG Xiaohong LI Thanh Tho QUAN School of Computing National University of Singapore Singapore 119077 Singapore School of Computing Singapore University of Technology and Design Singapore 138682 Singapore Department of Computer Science Tianjin University Tianjin 300222 China Department of Computer Science HoChiMinhCity University of Technology HoChiMinh City 162903 Vietnam

security protocols play more and more important roles with wide use in many applications nowadays. Cur- rently, there are many tools for specifying and verifying secu- rity protocols such as Casper/FDR, ProVerif, or AVISPA. In these tools, the intruder＇s ability, which either needs to be specified explicitly or set by default, is not flexible in some circumstances. Moreover, whereas most of the existing tools focus on secrecy and authentication properties, few supports privacy properties like anonymity, receipt freeness, and coer- cion resistance, which are crucial in many applications such as in electronic voting systems or anonymous online transac- tions. In this paper, we introduce a framework for specifying security protocols in the labeled transition system （LTS） se- mantics model, which embeds the knowledge of the par- ticipants and parameterizes the ability of an attacker. Us- ing this model, we give the formal definitions for three types of privacy properties based on trace equivalence and knowledge reasoning. The formal definitions for some other security properties, such as secrecy and authentica- tion, are introduced under this framework, and the veri- fication algorithms are also given. The results of this pa- per are embodied in the implementation of a SeVe mod- ule in a process analysis toolkit （PAT） model checker, which supports specifying, simulating, and verifying se- curity protocols. The experimental results show that a SeVe module is capable of verifying many types of secu- rity protocols and complements the state-of-the-art securityverifiers in several aspects. Moreover, it also proves the abil- ity in building an automatic verifier for security protocols re- lated to privacy type, which are mostly verified by hand now.

关键词： security protocols model checking processanalysis toolkit (PAT) authentication secrecy privacy

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Modular approach to the design and analysis of password-based security protocols

引用

Science in China(Series F) 2007年第3期50卷 381-398页

作者： FENG DengGuo CHEN WeiDong State Key Laboratory of Information security Institute of Software Chinese Academy of Sciences Beijing100080 China

In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of ＂weak computational indistinguishability＂ based on current progress of password-based security protocols. Then, we focus on cryptographic foundations for password-based security protocols, i.e., the theory of ＂weak pseudorandomness＂. Furthermore, based on the theory of weak pseudorandomness, we present a modular approach to design and analysis of password-based security protocols. Finally, applying the modular approach, we design two kinds of password-based security protocols, i.e., password-based session key distribution （PSKD） protocol and protected password change （PPC） protocol. In addition to having forward secrecy and improved efficiency, new protocols are proved secure.

关键词： security protocols weak computational indistinguishability provable security random oracle model (ROM) standardmodel

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

On ASGS framework:general requirements and an example of implementation

引用

Journal of Zhejiang University-Science A(Applied Physics & Engineering) 2007年第4期8卷 511-521页

作者： KULESZA Kamil KOTULSKI Zbigniew Department of Applied Mathematics and Theoretical Physics University of CambridgeCambridge CB3 0WAUK Institute of Fundamental Technological ResearchPolish Academy of SciencesWarsaw 00-049Poland Institute of Fundamental Technological Research Polish Academy of SciencesWarsaw 00-049Poland

In the paper we propose a general, abstract framework for Automatic Secret Generation and Sharing (ASGS) that should be independent of underlying Secret Sharing Scheme (SSS). ASGS allows to prevent the Dealer from knowing the secret. The Basic Property Conjecture (BPC) forms the base of the framework. Due to the level of abstraction, results are portable into the realm of quantum computing. Two situations are discussed. First concerns simultaneous generation and sharing of the random, prior nonexistent secret. Such a secret remains unknown until it is reconstructed. Next, we propose the framework for automatic sharing of a known secret. In this case the Dealer does not know the secret and the secret Owner does not know the shares. We present opportunities for joining ASGS with other extended capabilities, with special emphasis on PVSS and pre-positioned secret sharing. Finally, we illustrate framework with practical implementation.

关键词： Secret sharing security protocols Dependable systems Authentication management

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

A Novel Approach to Automatic security Protocol Analysis Based on Authentication Event Logic

引用

Chinese Journal of Electronics 2015年第1期24卷 187-192页

作者： XIAO Meihua MA Chenglin DENG Chunyan ZHU Ke School of Software East China Jiaotong University

Since security protocols form the cornerstones of modern secure networked systems, it is important to develop informative, accurate, and deployable approach for finding errors and proving that protocols meet their security requirements. We propose a novel approach to check security properties of cryptographic protocols using authentication event logic. Compared with logic of algorithm knowledge, authentication event logic guarantees that any well-typed protocol is robustly safe under attack while reasoning only about the actions of honest principals in the protocol. It puts no bound on the size of the principal and requires no state space enumeration and it is decidable. The types for protocol data provide some intuitive explanation of how the protocol works. Our approach has led us to the independent rediscovery of flaws in existing protocols and to the design of improved protocols.

关键词： security protocols Formal analysis Authentication event logic.

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Proving Mutual Authentication Property of RCIA Protocol in RFID Based on Logic of Events

引用

Chinese Journal of Electronics 2022年第1期31卷 79-88页

作者： ZHONG Xiaomei XIAO Meihua ZHANG Tong YANG Ke LUO Yunxian School of Software East China Jiaotong University

The increasing commercialization and massive deployment of radio frequency identification(RFID) systems has raised many security related issues which in return evokes the need of security protocols. Logic of events theory(Lo ET) is a formal method for constructing and reasoning about distributed systems and protocols that involve concepts of security. We propose fresh ciphertext and ciphertext release lemmas to extend Lo ET for analyzing and proving the security of authentication protocols that use symmetric key cryptography more than just digital signature. Based on the extended Lo ET we formally analyze and prove the authentication property of RCIA protocol, which provides mutual authentication between Tag and Reader in RFID *** proof approach based on extended Lo ET could be applied to the design and analysis of such ultralightweight RFID mutual authentication protocols.

关键词： logic of events theory mutual authentication property private key cryptography fresh ciphertext telecommunication security distributed systems ultralightweight RFID mutual authentication protocols radio frequency identification systems LoET radiofrequency identification formal method massive deployment symmetric key cryptography cryptographic protocols RCIA protocol security protocols

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Robust Authentication and Session Key Agreement Protocol for Satellite Communications

引用

Computers, Materials & Continua 2022年第6期71卷 5891-5910页

作者： Somayeh Soltani Seyed Amin Hosseini Seno Juli Rejito Rahmat Budiarto Department of Computer Engineering Ferdowsi University of MashhadMashhad***Iran Faculty of Mathematics and Science Universitas PadjadjaranJatinangor45363Indonesia Faculty of Computer Science Universitas Mercu BuanaJakarta11650Indonesia

Satellite networks are recognized as the most essential communication infrastructures in the world today,which complement land networks and provide valuable services for their *** coverage and service stability of these networks have increased their *** eavesdropping and active intrusion in satellite communications are much easier than in terrestrial networks,securing satellite communications is *** far,several protocols have been proposed for authentication and key exchange of satellite communications,but none of them fullymeet the security *** this paper,we examine one of these protocols and identify its security ***,we propose a robust and secure authentication and session key agreement protocol using the elliptic curve cryptography(ECC).We show that the proposed protocol meets common security requirements and is resistant to known security ***,we prove that the proposed scheme satisfies the security features using the Automated Validation of Internet security protocols and Applications(AVISPA)formal verification tool and On-the fly Model-Checker(OFMC)and ATtack SEarcher(ATSE)model *** have also proved the security of the session key exchange of our protocol using theReal orRandom(RoR)***,the comparison of our scheme with similar methods shows its superiority.

关键词： Satellite communications authentication session key agreement secure communication security protocols formal verification

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Towards the Idealization Procedure of BAN-Like Logics

引用

Wuhan University Journal of Natural Sciences 2005年第1期10卷 214-218页

作者： CAOLi-li CHENKe-fei DepartmentofComputerScienceandEngineering ShanghaiJiaotongUniversityShanghai200030China

We demonstrate the flaws of Mao's method, which is an augmentation ofprotocol idealization in BAN-like logics, and then offer some new idealization rules based on Mao'smethod. Furthermore, we give some theoretical analysis of our rules using the strand spaceformalism, and show the soundness of our idealization rules under strand spaces Some examples onusing the new rules to analyze security protocols are also concerned. Our idealization method ismore effective than Mao's method towards many protocol instances, and is supported by a formalmodel.

关键词： security protocols BAN logic idealization strand spaces

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

security analysis and improvement on resilient storage outsourcing schemes in mobile cloud computing

引用

Journal of Southeast University(English Edition) 2012年第4期28卷 392-397页

作者：刘晓蒋睿东南大学信息科学与工程学院南京210096

The resilient storage outsourcing schemes in mobile cloud computing are analyzed. It is pointed out that the sharing-based scheme （ShS） has vulnerabilities regarding confidentiality and integrity; meanwhile, the coding-based scheme （COS） and the encryption-based scheme （EnS） have vulnerabilities on integrity. The corresponding attacks on these vulnerabilities are given. Then, the improved protocols such as the secure sharing-based protocol （SShP）, the secure coding-based protocol （SCoP） and the secure encryption- based protocol （SEnP）, are proposed to overcome these vulnerabilities. The core elements are protected through public key encryptions and digital signatures. security analyses show that the confidentiality and the integrity of the improved protocols are guaranteed. Meanwhile, the improved protocols can keep the frame of the former schemes and have higher security. The simulation results illustrate that compared with the existing protocols, the communication overhead of the improved protocols is not significantly increased.

关键词： mobile cloud computing cloud storage security protocols

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

Towards the Idealization Procedure of BAN-Like Logics

Towards the Idealization Procedure of BAN-Like Logics

引用

The 1st Chinese Conference on Trusted Computing and Information security

作者： CAO Li-li, CHEN Ke-fei Department of Computer Science and Engineering, Shanghai Jiaotong University,Shanghai 200030, China

＜正＞ We demonstrate the flaws of Mao’s method, which is an augmentation of protocol idealization in BAN-like logics, and then offer some new idealization rules based on Mao’s method. Furthermore, we give some theoretical analysisof our rules using the strand space formalism, and show the soundness of our idealization rules under strand spaces. Some examples on using the new rules to analyze security protocolsare also concerned. Our idealization method is more effectivethan Mao’s method towards many protocol instances, and is supported by a formal model.

关键词： security protocols BAN logic idealization strand spaces

来源： cnki会议评论

在线全文

cnki会议

学校读者我要写书评

暂无评论

欢迎您,

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案：

请选择收藏分类：

通借通还

欢迎您,

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：