Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

An Attacker-Centric Security Protocol Verification Method

A verification method and security protocol technology, applied in the field of computer security protocol verification, can solve problems such as explosion, increase of state space, and redundancy of expansion methods.

Inactive Publication Date: 2019-07-12
THE PLA INFORMATION ENG UNIV
View PDF1 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The present invention aims at problems such as the timing contradictions in the situation analysis of the prior art, the redundancy in the expansion mode, and the possibility of increasing the state space explosion, etc., and proposes an attacker-centered security protocol verification method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Attacker-Centric Security Protocol Verification Method
  • An Attacker-Centric Security Protocol Verification Method
  • An Attacker-Centric Security Protocol Verification Method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0056] Embodiment 1: An attacker-centric security protocol verification method, the method includes the following steps:

[0057] Step 1: Model the behavior of the legal subject and the attacker during the operation of the protocol, verify the target according to the protocol, and set the initial state. The initial state is set to contain only one role instance; protocol: expressed as a state set and a state The transition set, and the various behaviors of the attacker and the messages between the protocol participants are considered into this state set and state transition set, traversing the entire state space, and checking whether a certain state of interest can be reached.

[0058] The modeling mainly includes: (1) According to the Dolve-Yao model, the message sent by the subject can be regarded as received by the attacker regardless of whether the destination party is an attacker, and all the messages received by the subject can be regarded as sent by the attacker; therefo...

Embodiment 2

[0098] Embodiment 2: An attacker-centric security protocol verification method, first of all, it is necessary to model the legal subject and the attacker's behavior in the protocol operation process, the behavior of the legal subject can be described as a role instance; the attacker's behavior It mainly includes adding knowledge and attacker reasoning, respectively expressed as addTerm AtK (m) and core (m).

[0099] The attacker will intercept a large number of new messages to obtain new knowledge. There are a large number of repeated subitems in these message items. In order to simplify the attacker's knowledge set, the present invention formulates the following attacker knowledge addition rules to remove the same non-decomposable subitems.

[0100] R1:

[0101] R2:

[0102] R3:

[0103] R4:

[0104] R5:

[0105] On the basis of the attacker's knowledge, the attacker's reasoning mainly solves two problems: one is to judge whether the attacker can generate the t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the field of computer security protocol verification methods, and specifically relates to a security protocol verification method taking an attacker as the center. The security protocol verification method comprises the steps of 1, setting an initial state according to a protocol verification target; 2, extracting an event to be handled in the state, sequentially judging whether the current state and the event conform to TRules or not; and performing judgment on states in a Resultstate, wherein if a certain state that attacker knowledge contains parameters required to be kept secret of a protocol exists, the state is secrecy abnormal state, and if a certain state that a protocol session scene is abnormal exists, the state is an authentication abnormal state, otherwise, the protocol design is secure. The security protocol verification method aims to consider time sequence contradiction in the state extension process, a back tracking mechanism is introduced into state extension, extended branches of invalid states do not appear in the state searching process, and the number of intermediate states is reduced; and state extension is driven by requirements of the attacker, the mode is not fixed, the number of branches is less, and the number of state spaces is reduced.

Description

technical field [0001] The invention belongs to the field of computer safety protocol verification methods, in particular to an attacker-centered safety protocol verification method. Background technique [0002] A security protocol is a network protocol that uses a cryptographic algorithm. Cryptographic algorithms are the cornerstone of information system security, but the overall security of information systems not only depends on the strength of cryptographic algorithms, but also is closely related to the security protocols adopted by the system. Even if the cryptographic algorithm used by the system is safe, if the security protocol adopted by it has security risks, the attacker can also successfully attack the system without breaking the cryptographic algorithm. Along with the popularization and continuous development of computer networks, security protocols have become an important support for the reliable operation of various core security services in information sys...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L69/03H04L69/26
Inventor 谷文韩继红袁霖
Owner THE PLA INFORMATION ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products