论文信息 - SSL Protocol Analysis Based on Freshness Identifiers

SSL Protocol Analysis Based on Freshness Identifiers

SSL protocol is essential in network security. This paper evaluates the security of SSL protocol by a fine-grained analysis method based on freshness identifiers and proposes the causes of two kinds of MITM attacks under the circumstance of admitting the difficulties of building a trusted session key without a PKI or a long-term hold shared key. These evaluation and analysis have certain reference significance on protocols analysis.

Yu Liu | Kang Yanmei | Wenyong Li

[1] Paul F. Syverson,et al. On unifying some cryptographic protocol logics , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[2] Lawrence C. Paulson,et al. Proving properties of security protocols by induction , 1997, Proceedings 10th Computer Security Foundations Workshop.

[3] Li Xiang. The Formalization Description of the Dolev-Yao Intruder Model , 2010 .

[4] Wei Li. Reliability Analysis and Improvement of BAN Logic , 2012 .

[5] Feng Deng. Survey on Theories and Methods of Formal Analyses for Security Protocols , 2003 .

[6] Kefei Chen,et al. Belief Multiset Formalism for Cryptographic Protocol Analysis: Belief Multiset Formalism for Cryptographic Protocol Analysis , 2009 .

[7] Peter Honeyman,et al. Formal Methods for the Analysis of Authentication Protocols , 1993 .

[8] Lan Kun. Analysis and Countermeasure of SSL MITM Attack , 2010 .

[9] Joshua D. Guttman,et al. Honest ideals on strand spaces , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).