Authentication test is a new type of formal analysis based on strand space model. Compared with strand space model, authentication test is simpler and clearer. However, authentication test cannot detect type flaw attack. This paper focuses on the definition of authentication test, outgoing test theorems, incom-ing theorems and unsolicited test theorems, and takes ISO/IEC9798-3 protocol as an example, then points out deficiency of authentication test. It modifies the definition of authentication test, and proposes an im-proved authentication test theory. Compared with original method, the new approach could expand the ap-plication scale of the authentication test theory.%认证测试方法是以串空间模型为基础的一种形式化分析方法。该方法在协议形式化分析过程中具有简洁、清晰等优点,然而,认证测试方法不能检测类型缺陷攻击,文中着力于研究认证测试方法的定义、输出测试定理、输入测试定理以及主动测试定理,以ISO/IEC9798-3协议的安全性分析为例指出认证测试方法的局限,在此基础上重新修改认证测试方法的相关定义,提出新的改进方案,新的认证测试方法扩大了认证测试理论的应用范围。
展开▼
