计算机工程与应用 ›› 2008, Vol. 44 ›› Issue (4): 155-158.

• 网络、通信与安全 • 上一篇    下一篇

三方认证协议BNV的分析及改进

高三海1,董荣胜1,吴光伟1,2   

  1. 1.桂林电子科技大学 计算机学院,广西 桂林 541004
    2.中南林业科技大学 计算机科学学院,长沙 410004
  • 收稿日期:2007-07-04 修回日期:2007-09-03 出版日期:2008-02-01 发布日期:2008-02-01
  • 通讯作者: 高三海

Analysis and improvement of 3-party authentication protocol:BNV

GAO San-hai1,DONG Rong-sheng1,WU Guang-wei1,2   

  1. 1.School of Computer Science,Guilin University of Electronic Technology,Guilin,Guangxi 541004,China
    2.School of Computer Science,Central South University of Forestry and Technology,Changsha 410004,China
  • Received:2007-07-04 Revised:2007-09-03 Online:2008-02-01 Published:2008-02-01
  • Contact: GAO San-hai

摘要: 多个主体之间的安全会话需要有可靠的多方认证协议来保证。基于安全协议的操作语义模型,分析了三方认证协议BNV的安全性,结果表明该协议存在一致性和同步性缺陷。为此,修改了协议的消息结构并添加了标识协议主体身份的消息项。对改进后协议的安全性进行分析,结果表明改进后的协议不存在原协议的缺陷,协议参与主体满足一致性与同步性要求。最后,基于改进后协议,提出了一个n方认证协议的协议原型。

关键词: 三方认证协议BNV, 操作语义, 同步性, 一致性

Abstract: Multi-party authentication protocols are used to assure the security sessions of the Multi participants involved in the protocols.In this paper,based on the operational semantics of security protocols,3-party authentication protocols BNV is analyzed. The result shows that it has agreement and synchronization flaws.For this flaws,the message structure of the protocol is amended and a message term identified the agent is added into the protocol messages.Then,the improved protocol is analyzed,which indicates that it can guarantee agreement and synchronization.Finally,an n-party protocol is presented based on the improved 3-party authentication protocols BNV,which is used to confirm the real identities of n agents.

Key words: 3-party protocol BNV, operational semantics, synchronization, agreement