Method for establishing cipher protocol security based on trustful greenness

Abstract

A method for building the cryptographic protocol security based on the novelty in the information safety domain, including: determining the safe target of the cryptographic protocol to be concluded; determining the initial hypothesis of the cryptographic protocol security validation; building the cryptographic protocol security attribute obtained by the communication participating main body based on the initial hypothesis and the novelty principle of the cryptographic protocol security after transmitting or receiving each information, till the end of the protocol operation; comparing the obtained cryptographic protocol security attribute with the expected safe target. The invention effectively differentiates whether the information is novel, prevents the attack of the playback and confusion essentially, independent of the security validation and the intercurrent operating environment and the specific formalization description of the attacker's ability, which is of great efficiency to the validation cryptographic protocol, further to be expanded, applied to a plurality of validation of the cryptographic protocol security attribute.

Description

technical field [0001] The present invention relates to a method in the technical field of information security, in particular to a method for establishing cryptographic protocol security based on the freshness of trust. Background technique [0002] Cryptographic protocols, also known as security protocols, are interactive communication protocols based on cryptographic systems, providing confidentiality, authentication, integrity, and non-repudiation for various information transmitted in an open network environment. The security goals of cryptographic protocols are varied. The authentication protocol is a cryptographic protocol aimed at the authentication of the subject's identity or the establishment of a session key, and is the basis of other secure communication protocols. But the existing cryptographic protocols are often proved to be not as secure as their designers expected, and it is a very difficult task to design and verify a correct cryptographic protocol. [0...

AI Technical Summary

Problems solved by technology

Although researchers have proposed many strict security verification methods for the verification of cryptographic protocol security, and have achieved remarkable results, there are still many important issues that have not been satisfactorily resolved: (1). Whether the message is fresh, so that replay and confusion attacks cannot be prevented, is related to the specific formal description of the multi-protocol operating environment and the attacker's capabilities

(2). No specific quantitative indicators are given to ensure that the cryptographic protocol has sufficient security, so that it is impossible to give a sufficient and necessary judgment on the correctness of the protocol

Therefore, although BAN-like logic is very successful in revealing the implicit assumptions missed by the protocol, its inference rules cannot effectively distinguish whether the message is fresh or not, which is related to the specific formal description of the multi-protocol operating environment and the attacker's capabilities. , and cannot detect interleaving attacks and replay attacks

In addition, because the idealization process of the protocol in the BAN class logic is non-standard, the specific quantitative indicators given to ensure that the cryptographic protocol has sufficient security cannot give both sufficient and necessary judgments on the correctness of the protocol. Therefore, the BAN class A protocol that is logically proven secure, but not convincingly secure

Images