中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Title:
一种基于项重写的密码模块API安全性检测算法
Alternative Title: A security analysis algorithm for cryptographic module API using term rewriting system
Author: 刘波 ; 陈华
Keyword: PKCS#11 ; 模型检测 ; 项重写 ; 广度优先搜索 ; PKCS#11 ; model checking ; term rewriting ; breadth-first search
Source: 中国科学院大学学报
Issued Date: 2013
Volume: 30, Issue:5, Pages:699-705
Indexed Type: CSCD
Department: 中国科学院软件研究所,北京100080;中国科学院大学,北京100049 中国科学院软件研究所,北京,100080
Abstract: 针对密码模块API的形式化验证,提出一种基于项重写形式化模型的检测算法.该算法利用符号化及广度优先搜索方法,使用项重写规则对敌手的初始知识集不断进行匹配和扩展,直到找到攻击路径或者搜索完状态空间.以密码模块API标准PKCS#11为例具体实现了该检测算法,通过5个实验完成了对PKCS#11对称密钥管理部分API的形式化验证.实验结果表明,该方法能有效检测针对PKCS#11的攻击,并找到一个新的攻击序列.
English Abstract: For the formal verification of the cryptographic module API, a security analysis algorithm using term rewriting system was proposed. The term rewriting rules were used to extend the intruder's knowledge with breadth-first search and symbolic method. The search will stop until an attack path has been found or all the finite state space has been searched. The algorithm was applied to PKCS#11 which is an API standard for the cryptographic module, and five experiments were performed to complete the formal verification of the symmetric key management API commands of PKCS#11. The experimental results showed that the algorithm detected the attacks against PKCS#11 precisely and effectively, and also a new API attack sequence was discovered.
Language: 中文
Citation statistics:
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/16804
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
刘波,陈华. 一种基于项重写的密码模块API安全性检测算法[J]. 中国科学院大学学报,2013-01-01,30(5):699-705.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[刘波]'s Articles
[陈华]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[刘波]‘s Articles
[陈华]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace