Abstract: This paper analyzed X.509 authentication protocol with Authentication Test in Strand Space. The conclusion is more concrete than that achieved using BAN Logic, and the proving process is simpler and ocularrer than the traditional method of constructing the set and finding the M-minimal element in the set. Then we came up with an improved version based on the analysis conclusion, and proved with Authentication Test that the improved protocol can realize the correctness of authentication while keeping the secrecy and integration goal of the original protocol.

摘要： 采用认证测试方法对X.509协议的认证正确性进行了分析，该方法比BAN逻辑分析得到的结论更具体，比传统串空间理论构造集合寻找M-minimal元素的方法更为简单直观。然后针对分析结论提出了改进协议，并使用认证测试方法证明了改进协议在保持数据保密性完整性的同时，也能实现认证的正确性。