| With the computer network be widely used, security problems of computer network have been exposed more and more. In the area of network security, because all kinds of security services are all based on security protocols, it is most important that the security protocols are secure. In the past 20 years, people introduced many security protocols in order to fulfill all sorts of network applications. However, later research proved that there were security leaks in most security protocols. How to design secure security protocols and how to verify security protocols become the most important two areas in the research on security protocols.Security protocols belong to communication protocols. The main aim of security protocols is to realize key agreement and authentication using cryptography. However, many facts show that there are still some leaks in the security protocols which have been carefully analyzed and designed by security experts. Firstly, this paper analyzes all kinds of security protocols. Then this paper summarizes 5 kinds of typical security protocol leaks.Formal verification is in effect to detect security protocols. The development of BAN logic promotes the research of this area. This paper describes the formal methods and the application of formal methods on verification of security protocols. Simultaneously in this paper, a model of strand spaces, a current leading branch of formal methods, is researched and analyzed in detail. And then by using strand spaces to analyze the Andrew secure RPC protocol, some security flaws are discovered. In this paper, BAN logic is compared with strand space model and lastly good and bad points of the above approaches are indicated. Then some extension of strand space model is needed to analyse fair nonrepudiation protocols in effect. The extended strand space model is applied in the formal description of Zhou-Gollman protocol. |
PDF Full Text Request