共查询到20条相似文献,搜索用时 78 毫秒
1.
针对秘密共享方案的自动化验证问题,提出一种基于等值理论的秘密共享方案自动化验证方法。首先通过等值理论在应用Pi演算中对可验证的多秘密共享方案的密码学语义进行了形式化定义。在此基础上,进一步提出了一种用于将所提出等值理论转化为自动化协议验证器ProVerif中重写机制的编码方法,在ProVerif中实现了关于可验证的多秘密共享方案的自动化验证。通过证明给出了关于可验证的多秘密共享方案形式化分析结果的健壮性结论:如果自动化协议验证器ProVerif中可验证的多秘密共享方案的形式化分析结果满足特定安全属性,则其能够归约证明应用Pi演算模型中针对可验证的多秘密共享方案所建立的现实敌手可以“模拟”ProVerif验证器中的理想敌手,其意味着现实敌手与理想敌手是不可区分的。 相似文献
2.
Algebra model and security analysis for cryptographic protocols 总被引:5,自引:0,他引:5
HUAI Jinpeng & LI Xianxian School of Computer Beijing University of Aeronautics Astronautics Beijing China Correspondence should be addressed to Huai Jinpeng 《中国科学F辑(英文版)》2004,47(2):199-220
With the rapid growth of the Internet and the World Wide Web a large number of cryptographic protocols have been deployed in distributed systems for various application requirements, and security problems of distributed systems have become very important issues. There are some natural problems: does the protocol have the right properties as dictated by the requirements of the system? Is it still secure that multiple secure cryptographic protocols are concurrently executed? How shall we analy… 相似文献
3.
The abstraction of cryptographic operations by term algebras, called Dolev–Yao models, is essential in almost all tool-supported
methods for proving security protocols. Recently significant progress was made in proving that Dolev–Yao models can be sound
with respect to actual cryptographic realizations and security definitions. The strongest results show this in the sense of
blackbox reactive simulatability (BRSIM)/UC, a notion that essentially means the preservation of arbitrary security properties
under arbitrary active attacks and in arbitrary protocol environments, with only small changes to the Dolev–Yao models and
natural implementations. However, these results are so far restricted to core cryptographic systems like encryption and signatures.
Typical modern tools and complexity results around Dolev–Yao models also allow operations with more algebraic properties,
in particular XOR because of its clear structure and cryptographic usefulness. We show that it is not possible to extend the
strong BRSIM/UC results to XOR, at least not with remotely the same generality and naturalness as for the core cryptographic
systems. We also show that for every potential soundness result for XOR with secrecy implications, one significant change
to typical Dolev–Yao models must be made. On the positive side, we show the soundness of a rather general Dolev–Yao model
with XOR and its realization in the sense of BRSIM/UC under passive attacks.
A preliminary version of this paper appeared in Proc. 10th European Symposium on Research in Computer Security [9] 相似文献
4.
研制高效的自动分析系统是密码协议安全性分析的一项关键任务,然而由于密码协议的分析非常复杂,存在大量未解决的问题,使得很多现有分析系统在可靠性和效率方面仍存在许多局限性.该文基于一种新提出的密码协议代数模型和安全性分析技术,设计并实现了一个高效的安全协议安全性自动分析系统(Security Protocol Analyzer,SPA).首先对协议安全目标进行规范,然后从初始状态出发,采用有效的搜索算法进行分析证明,试图发现针对协议的安全漏洞.使用该系统分析了10多个密码协议的安全性,发现了一个未见公开的密码协议攻击实例.实验数据显示,该系统与现有分析工具相比,具有较高的分析可靠性和效率,可作为网络系统安全性评测以及密码协议设计的有效辅助工具. 相似文献
5.
6.
基于CCS的加密协议分析 总被引:4,自引:0,他引:4
加密协议的分析需要形式化的方法和工具.该文定义了加密协议描述语言PEP (principals+environment=protocol),并说明对于一类加密协议,其PEP描述可以转化为有穷的基本CCS进程,由此可以在基于CCS的CWB(concurrency workbench)工具中分析加密协议的性质.此方法的优点在于隐式地刻画攻击者的行为,试图通过模型检查(model checking)发现协议潜在的安全漏洞,找到攻击协议的途径. 相似文献
7.
Jean Goubault-Larrecq Muriel Roger Kumar Neeraj Verma 《The Journal of Logic and Algebraic Programming》2005,64(2):219
We show how cryptographic protocols using Diffie–Hellman primitives, i.e., modular exponentiation on a fixed generator, can be encoded in Horn clauses modulo associativity and commutativity. In order to obtain a sufficient criterion of security, we design a complete (but not sound in general) resolution procedure for a class of flattened clauses modulo simple equational theories, including associativity–commutativity. We report on a practical implementation of this algorithm in the MOP modular platform for automated proving; in particular, we obtain the first fully automated proof of security of the IKA.1 initial key agreement protocol in the so-called pure eavesdropper model. 相似文献
8.
Formal methods
and tools are key aspects for the analysis of cryptographic protocols. In this paper, a
formal language PEP (principals+environment=protocol) for the specification of
cryptographic protocols is proposed. For some cryptographic protocols, their PEP
specifications can be translated into finite basic CCS processes, so it is possible to
analyze the security properties using CCS-based tools such as CWB (concurrency workbench).
The advantage of the mothod proposed in this paper is that the actions of the attacker can
be implicitly specified, and if the potential back door of the protocol analyzed exists,
the attacking action trace can be explicitly found out by model checker. 相似文献
9.
10.
Fabio Martinelli Marinella Petrocchi Anna Vaccarelli 《Software Testing, Verification and Reliability》2006,16(1):33-59
This paper describes and formally analyses two communication protocols that manage the secure emission of digital certificates. The formal analysis is carried out by means of a software tool for the automatic verification of cryptographic protocols with finite behaviour. The tool is able to discover, at a conceptual level, attacks against security procedures. The methodology is general enough to be applied to several kinds of cryptographic procedures and protocols. It is the opinion of the authors that this approach contributes towards a better understanding of the structure and aims of a protocol, for developers, analysers and final users. Copyright © 2005 John Wiley & Sons, Ltd. 相似文献
11.
1 Introduction 1.1 Background Cryptographic protocols have been used to provide security services for many applications on the open communication environment. More and more cryptographic protocols will be designed to solve the increasing security requirem… 相似文献
12.
随着安全协议形式化分析技术的不断发展,利用工具自动验证虽已得到实现,但建模环节仍需依赖专业人员手工建模,难度大且成本高,限制了此技术的进一步推广。为了提高建模的自动化程度,提出了依据安全协议代码进行形式化模型辅助生成的方案。首先,使用污点分析获取协议的通信流程,并且记录密码学原语操作;然后,根据通信流程之间的序列关系构建协议通信状态机;最终,根据目前主流的安全协议形式化分析工具Tamarin的模型语法生成形式化模型。实验结果表明,此方案可以生成形式化模型中的关键部分,提高了形式化建模的自动化程度,为形式化分析技术的推广作出贡献。 相似文献
13.
Alexey Gotsman Fabio Massacci Marco Pistore 《Electronic Notes in Theoretical Computer Science》2005,135(1):59
We present an algorithm for the translation of security protocol specifications in the HLPSL language developed in the framework of the AVISPA project to a dialect of the applied pi calculus. This algorithm provides us with two interesting scientific contributions: at first, it provides an independent semantics of the HLPSL specification language and, second, makes it possible to verify protocols specified in HLPSL with the applied pi calculus-based ProVerif tool. Our technique has been implemented and tested on various security protocols. The translation can handle a large part of the protocols modelled in HLPSL. 相似文献
14.
《Computer Standards & Interfaces》2007,29(3):387-397
Computer networks are exposed to serious security threats that can even have catastrophic consequences from both the points of view of economy and safety if such networks control critical infrastructures, such as for example industrial plants. Security must then be considered as a fundamental issue starting from the earlier phases of the design of a system, and suitable techniques and tools should be adopted to satisfy the security-related requirements. The focus of this paper is on how formal methods can help in analysing the standard cryptographic protocols used to implement security-critical services such as authentication and secret keys distribution in critical environments. The analysis of the 802.11 shared key authentication protocol by S3A, a fully automatic software tool that is based on a formal approach, is illustrated as a case study, which also highlights the peculiarities of analysing protocols based on wireless channels. 相似文献
15.
OpenID Connect协议是最新的单点登录协议之一,已经广泛应用于用户身份认证领域,其安全性受到了人们的重点关注。为增强OpenID Connect协议的安全性,首先引入数字签名及非对称加密技术,对其进行改进,重点关注改进后协议的秘密性和认证性;其次基于符号模型,应用应用PI演算对改进的OpenID Connect协议进行形式化建模;然后为验证改进后协议的认证性和秘密性,分别使用非单射性和query对认证性和秘密性进行建模;最后把改进的OpenID Connect协议的应用PI演算模型转换为安全协议分析工具ProVerif的输入,应用ProVerif对其进行形式化分析。实验结果表明,改进后的OpenID Connect协议具有认证性和秘密性。 相似文献
16.
Symbolic protocol analysis in the union of disjoint intruder theories: Combining decision procedures
Most of the decision procedures for symbolic analysis of protocols are limited to a fixed set of algebraic operators associated with a fixed intruder theory. Examples of such sets of operators comprise XOR, multiplication, abstract encryption/decryption. In this report we give an algorithm for combining decision procedures for arbitrary intruder theories with disjoint sets of operators, provided that solvability of ordered intruder constraints, a slight generalization of intruder constraints, can be decided in each theory. This is the case for most of the intruder theories for which a decision procedure has been given. In particular our result allows us to decide trace-based security properties of protocols that employ any combination of the above mentioned operators with a bounded number of sessions. 相似文献
17.
This paper gives a novel approach to verify the secrecy property of cryptographic protocols under equational theories. Indeed, by using the notion of interpretation functions, this paper presents some sufficient and practical conditions allowing to guarantee the secrecy property of cryptographic protocols under any equational theory. An interpretation function is a safe means by which an agent can estimate the security level of message components that he receives so that he can handle them correctly. Also, this paper proves that polynomials help a lot with the construction of an interpretation function and gives a guideline on how to construct such functions together with an example and how to use it to analyse a cryptographic protocol. 相似文献
18.
在Federico提出的一种密码协议进程语言的基础上,建立了便于进行密码协议分析的简化Petri网模型,给出了协议满足秘密性的充要条件,并以NS公钥协议为例,用Petri网模型,结合归纳方法和串空间分析方法从密钥、新鲜数和协议主体三个方面的秘密性分析了该协议的秘密性,简化了协议秘密性的分析。 相似文献
19.