检索结果-南通市图书馆

cryptographic protocol security analysis based on bounded constructing algorithm

Science in China(Series F) 2006年第1期49卷 26-47页

作者： LI Xianxian HUAI Jinpeng School of Computer Beihang University Beijing 100083 China

An efficient approach to analyzing cryptographic protocols is to develop automatic analysis tools based on formal methods. However, the approach has encountered the high computational complexity problem due to reasons that participants of protocols are arbitrary, their message concurrent. We propose an efficient structures are complex and their executions are automatic verifying algorithm for analyzing cryptographic protocols based on the cryptographic protocol Algebra （CPA） model proposed recently, in which algebraic techniques are used to simplify the description of cryptographic protocols and their executions. Redundant states generated in the analysis processes are much reduced by introducing a new algebraic technique called Universal Polynomial Equation and the algorithm can be used to verify the correctness of protocols in the infinite states space. We have implemented an efficient automatic analysis tool for cryptographic protocols, called ACT-SPA, based on this algorithm, and used the tool to check more than 20 cryptographic protocols. The analysis results show that this tool is more efficient, and an attack instance not offered previously is checked by using this tool.

关键词： cryptographic protocol formal analysis security verification.

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

Algebra model and security analysis for cryptographic protocols

引用

Science in China(Series F) 2004年第2期47卷 199-220页

作者： HUAIJinpeng LIXianxian SchoolofComputer BeijingUniversityofAeronauticsandAstronauticsBeijing100083China

More and more cryptographic protocols have been used to achieve various security requirements of distributed systems in the open network environment. However cryptographic protocols are very difficult to design and analyze due to the complexity of the cryptographic protocol execution, and a large number of problems are unsolved that range from the theory framework to the concrete analysis technique. In this paper, we build a new algebra called cryptographic protocol algebra (CPA) for describing the message operations with many cryptographic primitives, and proposed a new algebra model for cryptographic protocols based on the CPA. In the model, expanding processes of the participants knowledge on the protocol runs are characterized with some algebraic notions such as subalgebra, free generator and polynomial algebra, and attack processes are modeled with a new notion similar to that of the exact sequence used in homological algebra. Then we develope a mathematical approach to the cryptographic protocol security analysis. By using algebraic techniques, we have shown that for those cryptographic protocols with some symmetric properties, the execution space generated by an arbitrary number of participants may boil down to a smaller space generated by several honest participants and attackers. Furthermore we discuss the composability problem of cryptographic protocols and give a sufficient condition under which the protocol composed of two correct cryptographic protocols is still correct, and we finally offer a counterexample to show that the statement may not be true when the condition is not met.

关键词： cryptographic protocol formal analysis information security algebra system.

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

New Semantic Model for Authentication protocols in ASMs

引用

Journal of Computer Science & Technology 2004年第4期19卷 555-563页

作者： RuiXue Deng-GuoFeng StateKeyLaboratoryofInformationSecurity InstituteofSoftwareTheChineseAcademyofSciencesBeijing100080P.R.China

A new semantic model in Abstract State Model (ASM) for authentication protocols is presented. It highlights the Woo-Lam's ideas for authentication, which is the strongest one in Lowe's definition hierarchy for entity authentication. Apart from the flexible and natural features in forming and analyzing protocols inherited from ASM, the model defines both authentication and secrecy properties explicitly in first order sentences as invariants. The process of proving security properties with respect to an authentication protocol blends the correctness and secrecy properties together to avoid the potential flaws which may happen when treated separately. The security of revised Helsinki protocol is shown as a case study. The new model is different from the previous ones in ASMs.

关键词： cryptographic protocol formal analysis abstract state machine (ASM) authentication protocol

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Authenticated Diffie-Hellman Key Agreement protocol with Forward Secrecy

引用

Wuhan University Journal of Natural Sciences 2008年第6期13卷 641-644页

作者： ZHANG Chuanrong ZHANG Yuqing Telecommunication Engineering Institute Air Force Engineering University Xi'an 710077 Shaanxi China State Key Laboratory of Information Security/Graduate University of Chinese Academy of Science Beijing 100049 China

Forward secrecy is an important security property in key agreement protocol. Based on Ham＇s protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. This protocol is also based on a single cryptographic assumption, and is user authentication and shared key authentication. More importantly, our protocol provides forward secrecy with respect to one of the parties. For this reason, besides the advantages of Ham＇s protocol, in practice, our protocol can reduce the damages resulted from the disclosure of the user＇s secret key and it is very beneficial to today＇s communication with portable devices.

关键词： cryptographic protocol authenticated Diffie-Hellman key agreement protocol forward secrecy

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

一种用于Web服务的密码协议及实现

一种用于Web服务的密码协议及实现

引用

2005年全国理论计算机科学学术年会

作者：杨扬李祥贵州大学计算机软件与理论研究所贵州大学计算机软件与理论研究所

＜正＞ Web服务（Web Service）是因特网上进行分布式计算的新兴模式。随着越来越多的采用Web服务方式的分布式应用的出现,Web服务的安全性问题就日益显得重要。本文根据实际应用中遇到的具体问题,设计了一套适用于Web服务通信过程的密... 详细信息

＜正＞ Web服务（Web Service）是因特网上进行分布式计算的新兴模式。随着越来越多的采用Web服务方式的分布式应用的出现,Web服务的安全性问题就日益显得重要。本文根据实际应用中遇到的具体问题,设计了一套适用于Web服务通信过程的密码协议,并在微软.NET框架下使用SOAP扩展对该协议进行了实现。1 Web服务及微软.NET的SOAP扩展Web服务（Web Services）是一种完全基于XML（eXtensible Markup Language）的软件技术。

关键词： cryptographic protocol SOAP Extension Web Services

来源： cnki会议评论

在线全文

cnki会议

学校读者我要写书评

暂无评论

欢迎您,

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案：

请选择收藏分类：

通借通还

欢迎您,

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：