密码协议分析的信任多集方法

提出了一种基于逻辑的信任多集方法,它与已有的密码协议安全性分析方法本质上不同:每个参与主体建立的新信任只应依赖于该主体已拥有的信任和接收或发送的包含了信任的新鲜性标识符的消息本身.在基于匹配对话和不可区分性的计算模型下,证明了给出的保证密码协议单方认证安全、双方认证安全、单方密钥安全和双方密钥安全的充分必要条件分别满足4个可证安全定义.实例研究和对比分析表明,信任多集方法有以下特点:首先,安全性分析结果要么证明了一个密码协议是安全的,要么指出了密码协议安全属性的缺失,由安全属性的缺失能够直接导出构造攻击的结构;其次,分析方法与密码协议和攻击者能力的具体形式化描述无关;最后,不仅可用于手工分析,而且便于开发出自动验证系统.

Belief Multiset Formalism for Cryptographic Protocol Analysis

This paper proposes a belief multisets formalism for analyzing cryptographic protocols, and the formalism is foundationally different from the previous: a participant's beliefs should depend only on the sent or received fresh messages and the beliefs already possessed by this party. The presented security adequacy of unilateral authentication secure, mutual authentication secure, unilateral session key secure, or mutual session key secure is proved not only substantial but also necessary to meet 4 security definitions respectively under the computational model of matching conversation and indistinguishability. Illustrations and comparison show that the analysis results based on the belief multisets suggest the correctness of a protocol or the way to construct attacks intuitively from the absence of security properties. The formalism is independent of the concrete formalization of a protocol or attackers' possible behaviors. The formalism can be developed not only by hand but also by automation.