CAJ | 학술논문

在介绍串空间理论基本概念、攻击者模型以及Kerberos协议的基础上，利用串空间理论得出Kerberos各协议参与主体和攻击者的迹，构造了协议的串空间，给出了Kerberos协议的丛图。在证明一个定理的基础上，使用启发式和反证法的思路，证明了认证服务器分配给客户端和应用服务器会话密钥的保密性，即攻击者从现有知识和构造能力无法推导出服务器分配给客户端和应用服务器的会话密钥；证明了客户端和认证服务器以及客户端和应用服务器能够相互认证，得出了Kerberos协议正确性的结论。
재개소천공간이론기본개념、공격자모형이급Kerberos협의적기출상，이용천공간이론득출Kerberos각협의삼여주체화공격자적적，구조료협의적천공간，급출료Kerberos협의적총도。재증명일개정리적기출상，사용계발식화반증법적사로，증명료인증복무기분배급객호단화응용복무기회화밀약적보밀성，즉공격자종현유지식화구조능력무법추도출복무기분배급객호단화응용복무기적회화밀약；증명료객호단화인증복무기이급객호단화응용복무기능구상호인증，득출료Kerberos협의정학성적결론。
Based on the theory of the string space,the model of the attacker and the Kerberos protocol,obtain traces of the subject in-volved in Kerberos protocol and the attacker with string space theory,and establish string space and bundles of the Kerberos protocol. It is proved that the session key of the client and application server assigned by authentication server is confidential by heuristic and reduction to absurdity. The attacker can not obtain the session key from existing knowledge and building capacity. The client and the authentication server and client and application server can be authenticated each other. It is concluded that the Kerberos protocol is correct.