Rethinking about guessing attacks

Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ... Pub Date : 2011-03-22 DOI:10.1145/1966913.1966954

Zhiwei Li, Weichao Wang

引用次数: 2

Abstract

Although various past efforts have been made to characterize and detect guessing attacks, there is no consensus on the definition of guessing attacks. Such a lack of generic definition makes it extremely difficult to evaluate the resilience of security protocols to guessing attacks. To overcome this hurdle, we seek a new definition in this paper to fully characterize the attacker's guessing capabilities (i.e., guessability). This provides a general framework to reason about guessing attacks in a symbolic setting, independent of specific intruder models. We show how the framework can be used to analyze both passive and active guessing attacks.

查看原文本刊更多论文

重新思考猜测攻击

尽管过去已经做出了各种努力来表征和检测猜测攻击，但对猜测攻击的定义没有达成共识。这种通用定义的缺乏使得评估安全协议对猜测攻击的弹性变得极其困难。为了克服这一障碍，我们在本文中寻求一个新的定义来充分表征攻击者的猜测能力(即，可猜测性)。这提供了一个通用的框架来推理在符号设置中猜测攻击，独立于特定的入侵者模型。我们展示了如何使用该框架来分析被动和主动猜测攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...

自引率

0.00%

发文量