计算机工程与应用 ›› 2012, Vol. 48 ›› Issue (2): 59-62.

• 网络、通信、安全 • 上一篇    下一篇

针对中间人攻击的IKEv2形式化分析与改进

朱晓薇,周海刚,刘 军   

  1. 解放军理工大学 通信工程学院,南京 210007
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2012-01-11 发布日期:2012-01-11

Formal analysis and improvement of IKEv2 against man-in-the-middle attack

ZHU Xiaowei, ZHOU Haigang, LIU Jun   

  1. Institute of Communications Engineering, PLA University of Science & Technology, Nanjing 210007, China
  • Received:1900-01-01 Revised:1900-01-01 Online:2012-01-11 Published:2012-01-11

摘要: 基于BSW逻辑对互联网密钥交换协议(IKEv2)进行了形式化分析,证明协议在预共享密钥认证方式下存在中间人攻击,提出一个改进方案,并利用扩展的BSW逻辑分析了改进后的协议能够抵御中间人攻击,且能够满足协议的认证性、秘密性和完整性。

关键词: BSW逻辑, IKEv2协议, 中间人攻击, 预共享密钥

Abstract: In this paper, Internet Key Exchange protocol(IKEv2) is analyzed formally by BSW logic. It is proved that the pre-shared key authentication in IKEv2 is susceptible to man-in-the-middle attack. An improved scheme is proposed and analyzed by extended BSW logic, which can resist man-in-the-middle attack and fulfill the authentication, secrecy and integrity of this protocol.

Key words: BSW logic, IKEv2 protocol, man-in-the-middle attack, pre-shared key