摘要:
This paper adopts the Distributed Lightweight Kerberos (DLK) protocol, which is a result of enhancing the well-known Kerberos protocol. One of the advantages of the DLK protocol is that it addresses mutual authentication and confidentiality challenges while reducing the required number of messages to securely communicate with multiple service providers. In this paper we formally analyze and verify the DLK protocol that has been designed for multi-agent based systems. We use the ProVerif formal model checker in order to model and verify the DLK protocol. Using ProVerif exposed essential security problems in the DLK protocol as non-formal analysis had shown. ProVerif enabled us to detect that mutual authentication is compromised between the DLK participants. We propose a nonce-based authentication technique in order to redesign the protocol and fix this flaw. We then verified the correctness of the proposed protocol using the ProVerif tool.
展开