| 两个认证密钥协商协议的前向安全性分析 |
| |
| 引用本文: | 程庆丰,马玉千.两个认证密钥协商协议的前向安全性分析[J].电子与信息学报,2022,44(12):4294-4303. |
| |
| 作者姓名: | 程庆丰 马玉千 |
| |
| 作者单位: | 1.战略支援部队信息工程大学 郑州 4500012.数学工程与先进计算国家重点实验室 郑州 450001 |
| |
| 基金项目: | 国家自然科学基金(61872449) |
| |
| 摘 要: | 目前,网络安全及隐私受到广泛关注。前向安全性是Günther在1989年提出的一种认证密钥协商协议( AKA)的安全属性(doi: 10.1007/3-540-46885-4_5),该性质经过30年的蓬勃发展已经成为研究领域的热点之一。该文主要分析了MZK20和VSR20两个AKA协议。首先在启发式分析的基础上,利用BAN逻辑分析了MZK20协议不具有弱前向安全性;其次利用启发式分析和Scyther工具证明了VSR20协议不具备前向安全性。最后,在分析VSR20协议设计缺陷的基础上,提出了改进方案,并在eCK模型下证明了改进后协议的安全性;并且,结合Scyther软件证明了改进VSR20协议与VSR20协议相比明显提高了安全性。
|
| 关 键 词: | 安全协议形式化工具分析 认证密钥协商协议 前向安全性 |
| 收稿时间: | 2021-10-15 |
Cryptoanalysis on the Forward Security of Two Authenticated Key Protocols |
| |
| CHENG Qingfeng,MA Yuqian.Cryptoanalysis on the Forward Security of Two Authenticated Key Protocols[J].Journal of Electronics & Information Technology,2022,44(12):4294-4303. |
| |
| Authors: | CHENG Qingfeng MA Yuqian |
| |
| Institution: | 1.Strategic Support Force Information Engineering University, Zhengzhou 450001, China2.State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China |
| |
| Abstract: | At present, network security and privacy have attracted extensive attention. Forward security is a security attribute of Authenticated Key Agreement protocol (AKA) proposed by Günther in 1989. Since then, this property has become one of the hot topics. This paper analyzes the security properties of two AKA protocols, MZK20 and VSR20. First, based on heuristic analysis and BAN logic, MZK20 protocol is proved that it does not satisfy weak forward security. Second, using heuristic analysis and Scyther, it is proved that VSR20 protocol does not fulfill forward security. Finally, the enhanced VSR20 protocol is designed and proved more secure than VSR20. The security of the modified VSR20 is verified both by the use of security reduction under eCK model and Scyther. |
| |
| Keywords: | |
|
| 点击此处可从《电子与信息学报》浏览原始摘要信息 |
| 点击此处可从《电子与信息学报》下载免费的PDF全文 |
