| Today, we contact each other more conveniently with the network, applications especially electronic commerce require to establish secure communication over insecure open networks and distributed systems urgently.If we can't solve the safe problem of computer system,application of computer will be limited.Authentication is one of the most important properties in network security,it is usually ensured by designing authentication protocols which use cryptographic techniques.Unfortunately,a good cryptographic technique can't ensure the security of a authenticaitoin protocol.there are several examples of authentication protocols that were published,believed to be sound,and later shown to have several security flaws.So,the most important task to researchers is how to ensure security of authentication protocols.In this paper, our research focuses on the structure of protocols but the cryptographic technique.we use formal methods to analyze capability of the authentication protocols. All kinds of electronic commercial rquirment need safe, credible, fair electronic commerce protocols.Solving the reliability is the most important problem in business. Electronic commerce is a network bussiness system, achieveing the implement the payment of digital money and the implement of service. The design of electronic commerce protocols must satisfy the accountability,that is to say either pricipal can't deny the message that it has said, but a good cryptographic technique can't ensure the security of a protocol either, the structure of protocols is a pivotal problem.We need not only belief of key but also client can prove it can achieve the service from merchant and merchant can prove it can achieve the digital money from client. Bank must provide proof and assurance while performing the digital-money payments. Improved formal analysis mothod still can analyze the electronic commerce protocols. In this paper,my research focuses on formal analysis on authentication protocols and Electronic commerce protocols that based on cryptographic techniques . My main works are listed as follows:1 By introducing the reseach of formal analysis method,we can educe the conclusion that formal analysis can analyze the flaws of authentication protocols and electronic commerce protocols comprehensively and profoundly. 2.According the analyzed conclusion of Needham-Schroeder protocol with the BAN logic.With the rules of idealization and the guiding principles, I improve the Needham-Schroeder protocol,a basic model of authencication protocols based on symmetric cryptography is proposed.3.Some research shows that many successful attacks can exploit the messages's same stractures and the association among the session key,the fresh indentifier and the name of pricipals.So several new guiding principles are generalized to help design authentication protocols.Using these guiding principles,we can reduce the flaws in the process of designing authenctication protocols.4.A new framework is proposed for the analysis of electronic commerce p rotocols because Kailar logic can't analyze the fairness of the electronic protocol efficiently . Every pricipal's local state is defined as three formula sets: belief set,seen set,key set. several new rational principles are proposed.This framework can analyze the fairness, accountability, security of electronic commerce protocols.Using this framework, I analyze the fairness of Bolignano payment protocol successfully and propose its betterment.5.Because of having many symbols and principles in ratiocinative proceed and logic ratiocination being implemented easily on computer system.I compile a ratiocinative system with Prolog language .The initialization and the conversion of protocols are realized by analyser, Ratiocinative proceed is realized by computer system,so we can authenticate whether protocol's target is satisfied or not.6. Non-negation as one of the basic network security services ,must provide mechanisms in which evidence will be generated ,collected and maintained to protect the transa...
|
PDF Full Text Request