Abstract: To improve the formalization and accuracy of enhanced authentication tests and the effectiveness of security protocol analysis and improvement, the theory and methods of authentication tests are extended and optimized from principal knowability, principal identity, parameter types, and roles challenge-response structure. Then, based on the optimized enhanced authentication tests method, the correspondence of the original Otway-Rees protocol is analyzed, and the main factors that cause principals to fail to reach consistency on the session key are found. According to the correspondence degree of principals, by the reconstruction and construction of the test components on the existing messages, three new, improved schemes of Otway-Rees protocol are given without changing the original cryptosystem, and fresh value mechanism, the order, and the number of messages exchanged among principals. The practice of protocol analysis shows that optimized enhanced authentication tests can improve the formalization of protocol analysis and reduce the complexity of protocol analysis and accurately locate protocol defects and provide correction schemes.

Keywords: Authentication Tests; Formal Analysis; Otway-Rees; Security Protocol

Link: International Journal of Network Security, Vol.23, No.3, PP.426-435, May 2021（EI检索）