基于Scyther的组认证协议的形式化分析与模型检验

2016 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP) Pub Date : 2016-02-01 DOI:10.1109/PDP.2016.27

Huihui Yang, A. Prinz, V. Oleshchuk

{"title":"基于Scyther的组认证协议的形式化分析与模型检验","authors":"Huihui Yang, A. Prinz, V. Oleshchuk","doi":"10.1109/PDP.2016.27","DOIUrl":null,"url":null,"abstract":"Scyther [1] is designed to check the security and vulnerabilities of security protocols. In this paper, we use Scyther to analyze two discrete logarithm problem (DLP) based group authentication protocols proposed in [2]. These two protocols are claimed to satisfy several security requirements, but only part of them have been checked because of the properties and limitations of Scyther. Some positive results have been gained and show that the protocols provide mutual authentication and implicit key authentication and are secure against impersonation attack. An important innovation in this paper is that we have extended the expressing ability of Scyther by giving some reasonable assumption during the analysis and security checking.","PeriodicalId":192273,"journal":{"name":"2016 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Formal Analysis and Model Checking of a Group Authentication Protocol by Scyther\",\"authors\":\"Huihui Yang, A. Prinz, V. Oleshchuk\",\"doi\":\"10.1109/PDP.2016.27\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Scyther [1] is designed to check the security and vulnerabilities of security protocols. In this paper, we use Scyther to analyze two discrete logarithm problem (DLP) based group authentication protocols proposed in [2]. These two protocols are claimed to satisfy several security requirements, but only part of them have been checked because of the properties and limitations of Scyther. Some positive results have been gained and show that the protocols provide mutual authentication and implicit key authentication and are secure against impersonation attack. An important innovation in this paper is that we have extended the expressing ability of Scyther by giving some reasonable assumption during the analysis and security checking.\",\"PeriodicalId\":192273,\"journal\":{\"name\":\"2016 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP)\",\"volume\":\"17 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDP.2016.27\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDP.2016.27","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

Scyther[1]是用来检查安全协议的安全性和漏洞的。在本文中，我们使用Scyther分析了[2]中提出的两个基于离散对数问题(DLP)的组认证协议。这两个协议声称满足了几个安全要求，但由于Scyther的属性和限制，它们只被检查了一部分。一些积极的结果表明，该协议提供了相互认证和隐式密钥认证，并且能够抵御冒充攻击。本文的一个重要创新是通过在分析和安全检查中给出一些合理的假设，扩展了Scyther的表达能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Formal Analysis and Model Checking of a Group Authentication Protocol by Scyther

Scyther [1] is designed to check the security and vulnerabilities of security protocols. In this paper, we use Scyther to analyze two discrete logarithm problem (DLP) based group authentication protocols proposed in [2]. These two protocols are claimed to satisfy several security requirements, but only part of them have been checked because of the properties and limitations of Scyther. Some positive results have been gained and show that the protocols provide mutual authentication and implicit key authentication and are secure against impersonation attack. An important innovation in this paper is that we have extended the expressing ability of Scyther by giving some reasonable assumption during the analysis and security checking.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP)

自引率

0.00%

发文量