{"title":"基于滑动窗口的改进Kerberos协议及其形式化分析","authors":"Yingchao Ren, Xuefeng Yan, Haoming Guo","doi":"10.1109/CSAIEE54046.2021.9543352","DOIUrl":null,"url":null,"abstract":"Aiming at the problem that the time stamp mechanism in the Kerberos protocol cannot effectively resist replay attacks, this paper proposes an improved kerberos protocol based on the sequence number and sliding window mechanism. The authentication server and the application server maintain a sliding window with a sequence number to determine the replay of the client's request message. Considering the impact of message reordering and long jump rearrangement, a fault-tolerant shift mechanism is added to the server to increase the window Flexibility. We give the specific process of the improved kerberos protocol, and use the BAN logic to formally analyze the improved protocol to verify the security and reliability of the protocol.","PeriodicalId":376014,"journal":{"name":"2021 IEEE International Conference on Computer Science, Artificial Intelligence and Electronic Engineering (CSAIEE)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Improved Kerberos protocol based on sliding window and its formal analysis\",\"authors\":\"Yingchao Ren, Xuefeng Yan, Haoming Guo\",\"doi\":\"10.1109/CSAIEE54046.2021.9543352\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Aiming at the problem that the time stamp mechanism in the Kerberos protocol cannot effectively resist replay attacks, this paper proposes an improved kerberos protocol based on the sequence number and sliding window mechanism. The authentication server and the application server maintain a sliding window with a sequence number to determine the replay of the client's request message. Considering the impact of message reordering and long jump rearrangement, a fault-tolerant shift mechanism is added to the server to increase the window Flexibility. We give the specific process of the improved kerberos protocol, and use the BAN logic to formally analyze the improved protocol to verify the security and reliability of the protocol.\",\"PeriodicalId\":376014,\"journal\":{\"name\":\"2021 IEEE International Conference on Computer Science, Artificial Intelligence and Electronic Engineering (CSAIEE)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE International Conference on Computer Science, Artificial Intelligence and Electronic Engineering (CSAIEE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSAIEE54046.2021.9543352\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE International Conference on Computer Science, Artificial Intelligence and Electronic Engineering (CSAIEE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSAIEE54046.2021.9543352","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Improved Kerberos protocol based on sliding window and its formal analysis
Aiming at the problem that the time stamp mechanism in the Kerberos protocol cannot effectively resist replay attacks, this paper proposes an improved kerberos protocol based on the sequence number and sliding window mechanism. The authentication server and the application server maintain a sliding window with a sequence number to determine the replay of the client's request message. Considering the impact of message reordering and long jump rearrangement, a fault-tolerant shift mechanism is added to the server to increase the window Flexibility. We give the specific process of the improved kerberos protocol, and use the BAN logic to formally analyze the improved protocol to verify the security and reliability of the protocol.