| SSL3.0基本握手协议的运行模式分析 |
| |
| 作者姓名: | 莫燕 张玉清 李学干 |
| |
| 作者单位: | 1. 中国科学院研究生院国家计算机网络入侵防范中心, 北京100049;
2. 西安电子科技大学计算机学院, 西安 710071 |
| |
| 基金项目: | 国家自然科学基金项目 (60102004,60273027,60025205)资助 |
| |
| 摘 要: | 主要使用运行模式法对简化的SSL30基本握手协议进行了形式化分析.通过分析,找到了3种不同的攻击形式,并且对这3种攻击形式进行了深入研究,发现这3种攻击虽然从表面上看都是由于允许不同版本共存的漏洞引起的,但是经过仔细分析攻击的形式,发现这3种攻击是存在差异的.主要是角色欺骗不相同,而这又可能会造成潜在攻击.最后对这个协议进行了改进,从而有效避免了以上3种攻击,提高了协议的安全性
|
| 关 键 词: | SSL协议 形式化分析 运行模式分析法 |
| 收稿时间: | 2004-05-09 |
| 修稿时间: | 2004-07-26 |
The Running-Mode Analysis of SSL310 Basic Handshake Protocol |
| |
| Authors: | MO Yan ZHANG Yu-Qing LI Xue-Gan |
| |
| Institution: | 1. National Computer Network Intrusion Protection Center, Graduate School of the Chinese Academy of Sciences, Beijing 100049, China;
2. School of Computer Science and Engineering, Xidian University, Xi’an 710071, China |
| |
| Abstract: | The simplified SSL310 basic handshake protocol is analyzed by using a formal analysis method called the approach of the running-mode analysis. By analyzing the protocol, we find three different types of attack. Through an in-depth research,we also find that although these three attacks seem to result from the leak of allowing different versions to coexist, they are different. The major difference is the different role imitation, which probably leads to potential attacks. Finally, some improvement is made to avoid these three attacks effectively, which improves the security of the protocol. |
| |
| Keywords: | SSL protocol formal analysis running-mode analysis |
|
| 点击此处可从《》浏览原始摘要信息 |
| 点击此处可从《》下载免费的PDF全文 |
|
