1000-9825/2005/16(10)1757 2005 Journal of Software Vol.16, No.10

A Formal Method for Analyzing Electronic Commerce Protocols

QING Si-Han 1,2+

1 (Engineering Research Center for Information Security Technology, Institute of Software, The Chinese Academy of Sciences, Beijing 100080, China)
2 (Beijing ZhongkeAnsheng Corporation of Information Technology, Beijing 100080, China)
+ Corresponding author: Phn: +86-10-62635150, Fax: +86-10-62635150, E-mail: qsihan@ercist.iscas.ac.cn

Received 2004-05-25; Accepted 2005-06-22

Qing SH. A formal method for analyzing electronic commerce protocols. Journal of Software, 2005,16(10):1757-1765. DOI: 10.1360/jos161757

Abstract: A formal method which can be used to analyze security properties such as accountability and fairness in electronic commerce protocols is presented. Compared with the previous work, the main contributions are the following. Firstly, a formal definition is given to the possession set of each protocol participant, and the initial possession set depends only on the environment. Secondly, the set of initial state assumptions is divided into three categories: basic assumptions, trust assumptions, and protocol comprehension assumptions, in order to avoid analysis errors caused by informal initial state assumptions. Thirdly, the set of trust assumptions is articulated by formal specification at a lower level of granularity, exposing the essence of the protocol. Fourthly, establishing an axiom system makes the new approach more rigorous and expressive.

Key words: formal analysis; electronic commerce protocol; accountability; fairness; TTP

Chinese Library Classification: TP309. Document code: A

Supported by the National Natural Science Foundation of China under Grant Nos.60083007, 60573042; the National Grand Fundamental Research 973 Program of China under Grant No.G1999035802; the Beijing Natural Science Foundation of China under Grant No.4052016

Author: QING Si-Han (born 1939)
,, PI,,, [1,2],, BAN [3] BAN [4] BAN,,,,,,,,,, BAN,,,,Kailar [5],, Kailar,,Kailar [6] [7] Kailar,,,, :(1), 8 (2) (3), 3 :, (4) TTP, (5) 1 : 1, 2,, 3 TTP, 4, 1~ 3,,,, 4,,,
1.1 (n): m n ; : A, A A ; ~ :, ~ =, ~ = : m EOO(evidence-of-origin):,, EOR(evidence-of-receipt):,, f X :,,, f EOO EOO, EOO
1.2
1.2.1,, : Environment = Principle, Channel Pr =, A,,Q,R,,,,,, TTP, TTP,,,,TTP,,
1.2.2 ncple { TTP, A, C,, P, Q, R, }, : A B : m A B m A B : m A B m, A B m:(1) ftp B m ftp Zhou Gollmann [8],, TTP ftp, (2) B m,a B m, :() B m;(b) B m
1.2.3 n,a, A O,A O, O = O n A,A A, A, O = O n A, 1 m,m m M, m ˆ M ; ( m M ) (( m = ( m 1, m2)) ( m1 ˆ M ) ( m2 ˆ M )) ((( m = m1 ) ( m = m2 )) (( m 1, m2 ) ˆ M )) (( m = f ( m1,, mn ) ) ( m1 ˆ M ) ( m2 ˆ M ) ( m n ˆ M )),f, 2 m,m Mˆ M, 3 A Mˆ = { m m ˆ M} n A O ( = 0,1,, n ) O Ô,, Ô O, O Ô, A O 1 O ( (1) A B : m,m A, = 1,2,, n ), : 1 m O, 1 O = { O 0, = 1,2,, n
1 ˆ O m A, : m 1 (2) B A: m, A B : m, m O, 1 O = O { 1 (3), O = O, = 1,2,, n
1.3, = 1,2,, n 8 :
(1) A CanProve x : A, B x, B y x
(2) A Claims x :A x( x ), : A Claims ( x, y) A Claims x,, A (x,y), A x
(3) A Controls x :A x, A x
(4) A Has m :A m
(5) A Received m :A m, : A Received ( n) A Received m,, A ( m, n), A m
(6) P ( A, ) : A, A
(7) A Fetched m :A m
(8) A Generated m :A m
1.4 1 8 : ( ϕ ) ( ( ϕ ψ )) ψ, ϕ ( ϕ ψ ) ψ, Γ ϕ Γ ( ) ϕ ϕ ϕ, ϕ, : ϕ, ϕ ψ, ψ 8 :
A1 A CanProve x A CanProve y A CanProve ( x y) A x y, A
A2 x y A CanProve x ( x y) A CanProve y A x, x y, A y
A3 { ) A CanProve P( ) A CanProve ( B Claims ) ( A Has 1 m A A B, A B m
A4 A CanProve ( B Controls x) A CanProve ( B Claims x) A CanProve x A B x, A B x, A x
A5 A CanProve ( B Claims { ) A CanProve ( B Claims ) A CanProve ( B Claims A B {, A B, A B m
A6 A Received m A Fetched m A Generated m A Has m A A A A m
A7 ~ A Received{ A Has A Received m A { m }, A ~, A m
A8 ~ A Fetched{ A Has A Fetched m A { m }, A ~, A m
1.5 3 (1) () ; () () ; (b) ; (c) ; () EOO EOR; (2) () ; () EOO EOR ; (),,, EOO Ob EOR O ; (3), ( 1 n), EOO O b EOR O
2
2.1 CMP1 1995,Deng [9], CMP1 CMP 2 CMP1 CMP2, CMP2, CMP1, CMP1, X.400,
(1) A B : A, TTP,,{ k}, {{ A, } ttp k
(2) B TTP :{ A, TTP,, { k}, {{ A, } ttp k b
(3) TTP B :{{ A, } k ttp
(4) TTP A :{{ A, TTP,, b k ttp,a { A,, k, k A,A m, k TTP, (1) B, (1), A,TTP,, md md,b : A B TTP, B, TTP m (1),B B, (1),
, B, B b md, (1) TTP (2),TTP B B md,ttp b k}, k,ttp k {{ A, 1} k, A, 1, A { ttp { A,TTP A, 1 m, { A, TTP, {, TTP A B B m,ttp B (3), A m EOO: EOO = {{ A, } k ttp,ttp A (4), TTP B m EOD: EOD = { A, TTP,, m
2.2 CMP1 { } b k ttp, match, m, match ( = true m h, : (1) () : 0 0 O = {,, b, ttp} ; Ob = {, b, b, ttp} () : () :
B1 A CanProve P( b )
B2 B CanProve P( A, )
B3 A, B CanProve P( TTP, ttp )
(b) :
T1 A, B CanProve (TTP Controls ( m B))
T2 A, B CanProve (TTP Controls match )
T3 TTP Claims ( m B) TTP Claims match
(c) :
C1 ( m B) B Has m
C2 B Claims B Has m match B Claims m
C3 TTP Claims ( TTP Claims ( m B)
() EOO EOR:,CMP1 EOO EOR, EOO = { A,, EOR = A B h m B m, C3 {,,TTP, ( )},{, } b ttp,cmp1 (3) (4), (1) (2) CMP1 ( 3 ) TTP B :{ A, ( 4 ) TTP A :{ A, TTP,, { (2) () : b k ttp ttp b
(G1) B CanProve ( A Claims
(G2) A CanProve ( B Claims
() EOO EOR : EOO Ob, { A, Ob B Has { A,,B2 A3 : EOR O, { A, TTP, O,{ O A Has { A, TTP, b A Has { ttp,c3 A2 :,T1 A4 :,C1 A2 : (2),T3 A2 :,T2 A4 :, (3) A1 :,B3 A3 : B CanProve ( A Claims (G1) b,b1 A3 : ttp A CanProve ( B Claims (1) A CanProve (TTP Claims ( A CanProve (TTP Claims ( m B)) (2) A CanProve ( m B) A CanProve ( B Has (3) A CanProve (TTP Claims match ) A CanProve match A CanProve (( B Has match ), (1) A1 : A CanProve (( B Claims ( B Has match ),C2 A2 : A CanProve ( B Claims (G2), CMP1 EOO EOR () :, O 3 = b O 2 b EOO, O 4 O EOR = 3 : EOO O 3 b Ob EOO O 4 O, (3) : EOO O EOR O, = 1,2,3,4 b 3 1 O ˆ 1 1 b ttp 3 EOO O b, 3 3 O O =, ({ A, TTP,,{ ) O, EOR ˆ O,,
3
3.1 Zhou-Gollmann Zhou-Gollmann [8],
c = { l = ) EOO = { f, c} EOR = { f, A, c} EOO 1 sub _ = { f, } con _ = { f, A, } SUB
(1) A B : f, c, EOO EOO
(2) B A : f, A, EOR EOR
(3) A TTP : fsub, sub _
(4) B TTP : fcon, A, con _
(5) A TTP : fcon, A, con _ EOR CON b,m A B ; A ;c m ; A B m ; sub _ A ; con _ TTP l = ), m (1),A B EOO c (2),B A EOR (3),A TTP sub _,,,B TTP m, A TTP,B TTP A (3) (3),TTP con _ con _, (4) (5),B A TTP con_
3.2 Zhou-Gollmann,, verify : verify ( c, = true c, m :
T1 TTP Claims A Claims
T2 TTP Claims TTP Claims verify( c,
T3 A, B CanProve (TTP Controls verify( c, :
C1 TTP Claims TTP Claims ( con_)
C2 TTP Claims ( con _ ) B Has con_
C3 B Claims c B Has con _ verify( c, B Claims m
EOO EOR : EOO = EOO, con _ = { f, c},{ f, A, }, EOO ttp CON ttp EOR = EOR, con _ = { f, A, c},{ f, A, } EOR CON b ttp 2.2, :Zhou-Gollmann EOO EOR :
B CanProve ( A Claims (G1)
A CanProve ( B Claims (G2),,,
4,,, CMP1,TTP : m m, Zhou-Gollmann,TTP : con_;ttp A ; c m
, A6~A8,,,, [10,11],,, ;, [12,13],, [14],,,

References:
[1] Qing SH. Cryptography and Computer Network Security. Beijing: Tsinghua University Press, 2001 (in Chinese).
[2] Qing SH. Design and logical analysis of security protocols. Journal of Software, 2003,14(7):1300-1309 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/14/1300.htm
[3] Burrows M, Abadi M, Needham R. A logic of authentication. ACM Trans. on Computer Systems, 1990,8(1):18-36.
[4] Syverson PF, van Oorschot PC. On unifying some cryptographic protocol logics. In: Proc. of the 1994 IEEE Computer Society Symp. on Research in Security and Privacy. Los Alamitos: IEEE Computer Society Press, 1994. 14-28. http://chacs.nrl.navy.mil/publications/chacs/1994/1994syverson-sp.pdf
[5] Kailar R. Accountability in electronic commerce protocols. IEEE Trans. on Software Engineering, 1996,22(5):313-328.
[6] Zhou DC, Qing SH, Zhou ZF. Limitations of Kailar logic. Journal of Software, 1999,10(12):1238-1245 (in Chinese with English abstract).
[7] Zhou DC, Qing SH, Zhou ZF. A new approach for the analysis of electronic commerce protocols. Journal of Software, 2001,12(9):1318-1328 (in Chinese with English abstract).
[8] Zhou J, Gollmann D. A fair non-repudiation protocol. In: Proc. of the 1996 IEEE Symp. on Security and Privacy. Los Alamitos: IEEE Computer Society Press, 1996. 55-61. http://citeseer.ist.psu.edu/62704.html
[9] Deng R, Gong L. Practical protocols for certified electronic mail. Journal of Network and Systems Management, 1996,4(3):279-297.
[10] Qing SH. The TTP roles in electronic commerce protocols. Journal of Software, 2003,14(11):1936-1943 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/15/1936.htm
[11] Qing SH. Security Protocols. Beijing: Tsinghua University Press, 2005 (in Chinese).
[12] Asokan N, Shoup V, Waidner M. Optimistic fair exchange of digital signatures. In: Nyberg K, ed. Advances in Cryptology: Proc. of the Eurocrypt 98. LNCS 1403, Springer-Verlag, 1998. 591-606.
[13] Asokan N, Schunter M, Waidner M. Optimistic protocols for fair exchange. Research Report, RZ 2858, IBM Research, 1996.
[14] Qing SH, Li GC. A formal model of fair exchange protocols. Science in China (E), 2005,35(2):161-172 (in Chinese with English abstract).