安全协议的攻击分类及其安全性评估_卓继亮.pdfVIP

ISSN 1000-1239/CN 11-1777/TP Journal of Computer Research and Development 2(7):1100～ 1107, 2005 卓继亮　李先贤　李建欣　怀进鹏 (　　100083) (zhuo@) A New Taxonomy of Attacks on Security Protocols and Their Security Evaluation Zhuo Jiliang, Li Xianxian, Li Jianxin, and Huai Jinpeng (S chool of Comp u ter S cience Eng in eer ing , B eihang Un ivers ity , Beij ing 100083) Abstract　Security analysis and evaluation for security protocols are very important, yet it isusually hard to carry out.Almost all the existing research w ork concentrates on analyzing certain security properties of pro- tocols on the open network environment, such as secrecy and authentication.To evaluate security protocols on capabilities of defending attacks more comprehensively, the classification of intruders abilities is stud- ied, and a new taxonomy of attacks on security protocols based on both intruders capabilities and attack consequences is also presented.With the classification, the corresponding characteristics and mechanisms of every attack type are analyzed.Finally, a security evaluation framew ork for security protocols based on the 2-dimensions taxonomy is discussed, which helps to objectively evaluate capabilities of preventing attacks on security protocols and also helps to design new security protocols. Key words　security protocol;taxonomy of attacks;security evaluation;formal method 　　对安全协议的安全性进行全面评估是十分重要的, 但难度非常大.目前大量的研究工作主要 中于分析开放网络环境下安全协议的 一些特定安全属性,例如, 秘密性和认证性等.为了更全面地评估 安全协议的安全防护能力, 从攻击者的能力和攻击后果两 个角度, 提出一种新的安全协议攻击分类, 并 分析了不同攻击类型的特点与机理.在此基础上, 探讨了安全协议的 一种安全性评估框架, 有助于更客 观地评价安全协议的实际安全防护能力和设计新的协议. 　安全协议;攻击分类;安全性评估;形式化方法 　TP393 [1] . 1　　　 , . 1.1　 () , . , ,