解放军理工大学学报(自然科学版)
解放軍理工大學學報(自然科學版)
해방군리공대학학보(자연과학판)
JOURNAL OF PLA UNIVERSITY OF SCIENCE AND TECHNOLOGY(NATURAL SCIENCE EDITION)
2014年
4期
307-315
,共9页
徐明飞%吴礼发%洪征%曾晓光%周振吉
徐明飛%吳禮髮%洪徵%曾曉光%週振吉
서명비%오례발%홍정%증효광%주진길
可信网络连接%双向认证协议%BAN逻辑%安全性分析
可信網絡連接%雙嚮認證協議%BAN邏輯%安全性分析
가신망락련접%쌍향인증협의%BAN라집%안전성분석
trusted network connect%mutual authentication protocol%BAN logic analysis%security analysis
针对可信网络连接认证协议的现有方案存在单向认证、平台身份和配置信息泄露、无法抵御伪装及重放攻击等安全问题,提出了一种新的认证协议。该协议通过引入可信第三方实现了双向用户身份和平台身份的认证,防止了伪装攻击。直接匿名证明方法和时间戳的应用,保护了平台身份和配置信息的安全,防止了重放攻击。采用BAN逻辑对协议进行形式化描述及分析,验证了本协议可以提高认证的安全性,具有较高的应用价值。
針對可信網絡連接認證協議的現有方案存在單嚮認證、平檯身份和配置信息洩露、無法牴禦偽裝及重放攻擊等安全問題,提齣瞭一種新的認證協議。該協議通過引入可信第三方實現瞭雙嚮用戶身份和平檯身份的認證,防止瞭偽裝攻擊。直接匿名證明方法和時間戳的應用,保護瞭平檯身份和配置信息的安全,防止瞭重放攻擊。採用BAN邏輯對協議進行形式化描述及分析,驗證瞭本協議可以提高認證的安全性,具有較高的應用價值。
침대가신망락련접인증협의적현유방안존재단향인증、평태신빈화배치신식설로、무법저어위장급중방공격등안전문제,제출료일충신적인증협의。해협의통과인입가신제삼방실현료쌍향용호신빈화평태신빈적인증,방지료위장공격。직접닉명증명방법화시간착적응용,보호료평태신빈화배치신식적안전,방지료중방공격。채용BAN라집대협의진행형식화묘술급분석,험증료본협의가이제고인증적안전성,구유교고적응용개치。
There are some security problems in the existing trusted network connect authentication protocols, such as one-way authentication, platform identity and configuration information leakage, inability to resist the masquerade and replay attacks. In order to solve the problems, a new authentication protocol was proposed. The trusted third party was introduced into the protocol, so that both the user and the platform’ s bidirectional identity security au-thentication could be achieved, and masquerade attacks prevented. The protocol uses the Direct Anonymous Attes-tation method to guarantee the safety of the platform identity and configuration information, and uses timestamp to prevent replay attacks. BAN logic was applied to describing and analyzing the protocol formally. Validation results show that the protocol is practicable and can improve the security of the authentication effectively.
