特殊环境下的协议安全的研究.docVIP

特殊环境下的协议安全研究  摘  要  随着 Internet 技术的发展，安全协议在电子商务和电子政务中的应 用越来越多。与此相应的就是人们对协议的安全性更加关注，尤其是在 特殊环境下如何建模和分析安全协议显得尤为重要。 本文首先研究和分析了现有的安全协议的建模和分析方法，找出其 中的优势和不足。考虑环境的特殊性，选用符合标准的基于事件的 GSPML 语言对广义的挑战-应答协议和 TLS 握手协议的简化版本建立了 可视化的模型。 在此基础上，本文对广义的挑战-应答协议的安全条件进行了分析， 列出了在对称密码体制和非对称密码体制下挑战-应答协议需要满足的 安全条件，以及不满足这些条件将会导致的攻击和与之相应的协议认证 性的缺失。值得注意的是，在两种密码体制下挑战-应答协议在最小形式 上是有所区别的。然后，作者对传统认为的三轮认证协议进行了分析， 认为在有主动攻击者存在的情况下，单纯的认证协议无法完全保证认证 的目的。 此外，本文对四种形式化方法的自动工具进行了分析，这些工具涵 盖了形式化分析方法的三大流派。作者主要从用户界面和易用性，运行 状态数和时间，数据独立性和离散时间支持，协议错误的发现能力这四 个方面进行比较，并给出了综合能力的结论。 关键词：安全协议，形式化方法，自动工具，挑战-应答协议 THE RESEARCH OF SECURITY PROTOCOLS IN SPECIAL ENVIRONMENT ABSTRACT With the development of Internet technology, security protocols play more and more important in e-business and e-government application. People pay more attention on the security of protocols, especially in how to model and analyze security protocols in special environment. We first research and analyze on the existing modeling and analyzing methods on security protocols and find the advantages and disadvantages of them. Considering the speciality of the environment, we choose event-based GSPML language to set up visual models for general challenge-response protocol and the simplified version of TLS handshake protocol, which meet all out standards. Then we give a detail analysis on the security conditions for general challenge-response protocol, and we list the necessary conditions for challenge-response protocol in both symmetry and asymmetry cryptographic forms, as well as the attack to them if the conditions are not met. The point we should pay attention to is the difference between the minimum forms of both cryptographic forms. After that, we analyze the traditional three rounds authentication protocols and find that the pure authentication protocol cannot achieve its goal in the environment with active intruders. Besides that, four automation tools of formal methods are analyzed in this paper. These tools contain the logic, model checking and