摘要:In this paper, We have found a new man-in-the-middle attack on the BAN modified Andrew Secure RPC protocol with a protocol model-checker based on SAT. The man-in-the-middle attack, during which an intruder can impersonate an honest agent and forge a set of messages to communicate with another honest agent, destroys the assumed authentication of the protocol, one of the important properties of security protocol. Subsequently, we have reasoned about vulnerability of the protocol and proposed a remedial method to overcome the weakness of the protocol. The method, simple and effective, can be helpful to analyze and design other security protocols.
关键词:model-checker; SAT; BAN modified Andrew Secure RPC; man-in-the-middle attack; a remedial method; an identifier
