自動偵測認證協定漏洞系統

Abstract

由於現今網路世界的發達，人們越來越喜歡透過網路交易、網路付費，因此認證協定是一個非常重要的一環，而他的安全性和正確性一直受到關注。在前人的研究中提出了各式各樣分析的方法，然而這些方法通常都需要一些假設，也因此只有很有經驗的人才能理解其中的奧妙。因此在本論文中，我們提出了一個不同於以往的想法來分析認證協定的安全性，而這個方法對於設計認證協定的設計者會是一個很好的小幫手。

Because it is not very secure in the network environment, an authentication protocol plays a more and more important role under the current network environment. If the authentication protocol has flaw, it will be very serious. You cannot make sure whom you communicate with. The soundness of an authentication protocol has been drawing many spotlights since past years. Many logic systems have been proposed in plenty of papers. However, they are either hard to implement or need lots of experience. Then we suggest detection methods to reveal the potential vulnerabilities of an authentication protocol. We think that the proposed methods will be a helpful tool for an authentication designer.