高级检索

    安全协议的攻击分类及其安全性评估

    A New Taxonomy of Attacks on Security Protocols and Their Security Evaluation

    • 摘要: 对安全协议的安全性进行全面评估是十分重要的,但难度非常大.目前大量的研究工作主要集中于分析开放网络环境下安全协议的一些特定安全属性,例如,秘密性和认证性等.为了更全面地评估安全协议的安全防护能力,从攻击者的能力和攻击后果两个角度,提出一种新的安全协议攻击分类,并分析了不同攻击类型的特点与机理.在此基础上,探讨了安全协议的一种安全性评估框架,有助于更客观地评价安全协议的实际安全防护能力和设计新的协议.

       

      Abstract: Security analysis and evaluation for security protocols are very important, yet it is usually hard to carry out. Almost all the existing research work concentrates on analyzing certain security properties of protocols on the open network environment, such as secrecy and authentication. To evaluate security protocols on capabilities of defending attacks more comprehensively, the classification of intruders' abilities is studied, and a new taxonomy of attacks on security protocols based on both intruders' capabilities and attack consequences is also presented. With the classification, the corresponding characteristics and mechanisms of every attack type are analyzed. Finally, a security evaluation framework for security protocols based on the 2-dimensions taxonomy is discussed, which helps to objectively evaluate capabilities of preventing attacks on security protocols and also helps to design new security protocols.

       

    /

    返回文章
    返回