Research On Structures And Normal Forms Of Security Protocols

With the popularization of Internet and the development of various applications like electronic business on Internet, people pay more attentions to the security of such network applications. The security of these applications depends on the security of the cryptographic protocols (or security protocols) they employ, but the security protocols lack of security will suffer various attacks from intruders on open distributed environment. Therefore, researches on attack-resistant security protocols are significant and worthy for the popularization of network business at present and in future, the acceleration of national ecnomics and the development of society.Aiming at designing of attack-resistant security protocols, the dissertation researches such topics as the sequence patterns of the authentication protocols, the sequence flaws of Yahalom protocol and its variants, hierachical taxonomy of replay attacks, a building approach for message blocks of security protocol based on state binding and belief binding, and normal forms and normalization of security protocols.Firstly, from the viewpoint of protocol sequence, the dissertation analyzes the sequence patterns covering almost all authentication protocols with and without the trusted third party (TTP) at present. Twelve feasible sequence patterns of authentication protocol with TTP and 5 sequence patterns without TTP are gained. These gained sequence patterns meet such requirements as authentication and high effectivity. By comparing with the sequences of current authentication protocols, the analysis results are proven to some extent. In addition, all of the sequence patterns are classified into unilateral or bilateral authentication. Furthermore, in terms of the sequence symmetry, the sequence patterns with TTP are briefly evaluated.Secondly, the dissertation analyzes the sequence flaw of the Yahalom protocol and its variants, and the attack led by the flaw. From the angle of sequence, the Yahalom-Paulson protocol is improved. From the analysis and improvement, it is shown that the inherent flaw of protocol sequence will result in attack on the protocol.Thirdly, by the analysis of various replay attacks on security protocols, it is found that the replay attacks can be launched at different levels and using different flaws existing at levels. Thus, a taxonomy of replay attacks based on attack hierarchy is proposed on four levels of attacks on security protocols, i.e. message block, inter-block inside step, inter-steps, and inter-protocols. Moreover, the approach and steps of checking attacks for protocols using such new taxonomy are demonstrated. The taxonomy not only contains the Syverson taxonomy of replay attacks, but also extends the replay attack up to the protocol level. Meanwhile, the taxonomy points out available flaws at each level by combining with the static construction of the message block in protocols. Additionally, the taxonomy can direct to check replay attacks on protocols.Fourthly, on the basis of the hierarchy of replay attacks, the parameters necessary for security protocol to avoid various attacks are analyzed, which are classified as the state parameter and the belief one, and then, a building approach for the message blocks of attack-resistant security protocols is proposed based on the state-binding and belief-binding. Aiming at possible flaws at various attack levels and the belief easy to be ignored, this approach can solve them by state-binding and belief binding, and thus the attack-resistant ability of the security protocols is enhanced to large extent.Finally, on the basis of above achievements, an idea about protocol normal form (PNF) and normalization is proposed, and four PNFs are defined. Then it is demonstrated how a non-PNF protocol is transformed gradually to PNF degree. Also, the elementary steps of protocol normalization are summarized. The PNF idea is helpful not only to judge the attack-resistant level for security protocols, but also to analyze and reform the existing protocols, so as to make them reach some PNF degree and to enhance their abilities of attack resistance.