信息网络安全 ›› 2024, Vol. 24 ›› Issue (10): 1586-1594.doi: 10.3969/j.issn.1671-1122.2024.10.013

• 入选论文 • 上一篇    下一篇

基于递归认证测试的SIP协议形式化分析

姚萌萌(), 王宇, 洪瑜平   

  1. 江南计算技术研究所,无锡 214063
  • 收稿日期:2024-05-16 出版日期:2024-10-10 发布日期:2024-09-27
  • 通讯作者: 姚萌萌, wellstudy@163.com
  • 作者简介:姚萌萌(1982—),男,山东,工程师,博士,主要研究方向为网络安全|王宇(1973—),男,江苏,正高级工程师,硕士,主要研究方向为信息安全|洪瑜平(1996—),男,江西,工程师,主要研究方向为信息安全
  • 基金资助:
    国家重点研发计划(2022YFB4502000)

The Formal Analysis of SIP Protocol Based on the Recursive Authentication Test

YAO Mengmeng(), WANG Yu, HONG Yuping   

  1. Jiangnan Institute of Computing Technology, Wuxi 214063, China
  • Received:2024-05-16 Online:2024-10-10 Published:2024-09-27

摘要:

文章以形式化分析方法证明协议安全为研究目的,以具有灵活性、开放性、可伸缩性等特性的SIP协议为研究对象,运用基于串空间理论改进的递归认证测试形式化分析方法,分析了一种BAN逻辑证明安全的SIP身份认证协商协议,发现了该协议执行过程中协议格式不准确、易受中间人攻击的缺陷,并提出了针对该协议缺陷的改进方案。结果表明,文章所提出的递归认证测试形式化分析方法比BAN逻辑更适用、更有效,同时改进方案也增强了SIP身份认证协商协议的安全性。

关键词: SIP协议, 递归认证测试, 串空间, 形式化分析方法

Abstract:

The article took the formal analysis method to prove the security protocol security as the research purpose, and took the SIP protocol with the characteristics of flexibility, openness and scalability as the research object. The article employed a formal analysis approach based on the improved recursive authentication test within the framework of strand space theory. It scrutinized a SIP authentication negotiation protocol that had been proven secure using BAN logic, revealing inaccuracies in protocol format and vulnerabilities to man-in-the-middle attacks during its execution. Subsequently, the article proposed a revised scheme tailored to address these identified deficiencies. The results indicate that the recursive authentication test formal analysis method employed in this article is more applicable and effective than BAN logic. Furthermore, the proposed improvements significantly enhance the security of the SIP authentication negotiation protocol.

Key words: SIP protocol, recursive authentication test, strand space, formal analysis methods

中图分类号: