| 一种基于通道的AVISPA扩展方法研究 |
| |
| 引用本文: | 刘 威,郭渊博.一种基于通道的AVISPA扩展方法研究[J].计算机应用研究,2013,30(12):3783-3785. |
| |
| 作者姓名: | 刘 威 郭渊博 |
| |
| 作者单位: | 解放军信息工程大学 a. 网络空间安全学院; b. 数学工程与先进计算国家重点实验室, 郑州 450001 |
| |
| 基金项目: | 国家部委基金资助项目(9140C130103120C13062) |
| |
| 摘 要: | 针对AVISPA工具在分析某些消息需要依靠具有特定属性的信道传递的安全协议或服务中存在的问题, 提出了一种基于抽象通道的扩展方法。抽象通道具有相关的安全性质保证如认证性, 能够对提供安全性质保证的底层服务建模, 并基于密码机制和标签等实现了抽象通道。利用扩展后的AVISPA工具分析有无消息源认证机制的Diffie-Hellman密钥交换协议的安全性, 表明了方法的有效性, 并且能够简化协议建模过程和增强AVISPA工具协议描述分析能力。
|
| 关 键 词: | 安全协议 形式化分析 安全属性 抽象通道 |
Extension of AVISPA based on concept of channels |
| |
| LIU Wei,GUO Yuan-bo.Extension of AVISPA based on concept of channels[J].Application Research of Computers,2013,30(12):3783-3785. |
| |
| Authors: | LIU Wei GUO Yuan-bo |
| |
| Affiliation: | a. Institute of Cyberspace Security, b. State Key Laboratory of Mathematical Engineering & Advanced Computing, PLA Information Engineering University, Zhengzhou 450001, China |
| |
| Abstract: | For the transmission of some of protocol messages relies on channels with particular security properties, this paper proposed an extension of AVISPA based on abstract channels. It supplied security guarantees such as authentication by abstract channels, and with which it could model the underlying services providing security guarantees. It realized abstract channels with cryptography schemes and labels, and validated the model by verifying Diffie-Hellman key exchange protocol with message origin authentication using extended AVISPA automatically. The extension can simplify protocol modeling and enhance the power of the mechanized tool AVISPA. |
| |
| Keywords: | security protocols formal analysis security properties abstract channels |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
