Welcome to Journal of University of Chinese Academy of Sciences,Today is
RSS 中文

›› 2005, Vol. 22 ›› Issue (4): 511-517.DOI: 10.7523/j.issn.2095-6134.2005.4.018

Previous Articles     Next Articles

The Running-Mode Analysis of SSL310 Basic Handshake Protocol

MO Yan1,2, ZHANG Yu-Qing1, LI Xue-Gan2   

  1. 1. National Computer Network Intrusion Protection Center, Graduate School of the Chinese Academy of Sciences, Beijing 100049, China;
    2. School of Computer Science and Engineering, Xidian University, Xi’an 710071, China
  • Received:2004-05-09 Revised:2004-07-26 Online:2005-07-15

PDF (PC)

669

Abstract:

The simplified SSL310 basic handshake protocol is analyzed by using a formal analysis method called the approach of the running-mode analysis. By analyzing the protocol, we find three different types of attack. Through an in-depth research,we also find that although these three attacks seem to result from the leak of allowing different versions to coexist, they are different. The major difference is the different role imitation, which probably leads to potential attacks. Finally, some improvement is made to avoid these three attacks effectively, which improves the security of the protocol.

Key words: SSL protocol, formal analysis, running-mode analysis

CLC Number: 

Copyright © Journal of University of Chinese Academy of Sciences

Support by Beijing Magtech Co.ltd support@magtech.com.cn