Xuyang Miao scite author profile

Xuyang Miao

4Publications

5Citation Statements Received

86Citation Statements Given

How they've been cited

How they cite others

Affiliations

State Key Laboratory of Cryptology

Publications

Order By: Most citations

An Efficient ECC-Based Authentication Scheme against Clock Asynchronous for Spatial Information Network

Huang¹,

Miao

Wu³

et al. 2021

Mathematical Problems in Engineering

View full text Add to dashboard Cite

With the rapid development of mobile communication technology, the spatial information networks (SIN) have been used for various space tasks’ coverage in commercial, meteorology, emergency, and military scenarios. In SIN, one basic issue is to achieve mutual authentication and secret communication among the participants. Although many researches have designed authentication schemes for SIN, they have not considered the situation where the clock is not synchronized as the broad coverage space in wireless environment. In this paper, we disclose several flaws of Altaf et al.’s scheme (2020), in which the main weakness is that a malicious user can easily obtain the master key of the network control center after launching the offline password-guessing attack. Then, we design an authentication scheme against clock asynchronous for SIN by utilizing elliptic curve cryptosystem (ECC) and identity-based cryptography (IBC). Based on a brief introduction to the main design ideas of our scheme, the security protocol analysis tools of Scyther and AVISPA are used to prove that the scheme can resist various existing active and passive attacks. We further discuss our scheme that provides five essential requirements of security properties to design a robust scheme for SIN and is superior in terms of resistance to security functionality and computational performance by comparison with two other representative schemes. As a result, our scheme will be workable and efficient security for mobile users in the actual environment.

show abstract

ESSM: Formal Analysis Framework for Protocol to Support Algebraic Operations and More Attack Capabilities

Miao

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

The strand space model has been proposed as a formal method for verifying the security goals of cryptographic protocols. However, only encryption and decryption operations and hash functions are currently supported for the semantics of cryptographic primitives. Therefore, we establish the extended strand space model (ESSM) framework to describe algebraic operations and advanced threat models. Based on the ESSM, we add algebraic semantics, including the Abelian group and the XOR operation, and a threat model based on algebraic attacks, key-compromise impersonation attacks, and guess attacks. We implement our model using the automatic analysis tool, Scyther. We demonstrate the effectiveness of our framework by analysing several protocols, in particular a three-factor agreement protocol, with which we can identify new attacks while providing trace proofs.

show abstract

A Formal Verification Method for Security Protocol Implementations Based on Model Learning and Tamarin

Zhang

Zhu

et al. 2021

J. Phys.: Conf. Ser.

View full text Add to dashboard Cite

The verification of security protocol implementations is notoriously difficult and important. In this paper, combining with the model learning using Tamarin, a formal verification tool of protocol specification, a formal verification method for security protocol implementations is proposed. We extract state machine information from protocol implementations by model learning, and determine suspicious paths in the finite-state machines by cross-validation between different implementations of the same protocol; and then verify whether the suspicious paths violate the security properties of the protocol using Tamarin. It can be used to detect logical errors in protocol implementations and avoid relying on expert experience to make compliance rules from protocol documents when using model checking tools. The effectiveness of this method is demonstrated by the vulnerability detection of the typical ChangeCipherSpec in the TLS protocol implementation. The method proposed can help developers to develop more robust implementations of security protocols.

show abstract

Research on Security Protocol Analysis Tool SmartVerif

Han

Miao

et al. 2021

J. Phys.: Conf. Ser.

View full text Add to dashboard Cite

Security protocols have been designed to protect the security of the network. However, many security protocols cannot guarantee absolute security in real applications. Therefore, security tests of the network protocol become particularly important. In this paper, firstly, we introduce SmartVerif, which is the first formal analysis tool to automatically verify the security of protocols through dynamic strategies. And then, we use SmartVerif to verify the pseudo-randomness of the encapsulated key of the Two-Pass AKE protocol, which was proposed by Liu’s in ASIACRYPT in 2020. Finally, we summary our work and show some limitations of SmartVerif. At the same time, we also point out the direction for future improvement of SmartVerif.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Xuyang Miao

An Efficient ECC-Based Authentication Scheme against Clock Asynchronous for Spatial Information Network

ESSM: Formal Analysis Framework for Protocol to Support Algebraic Operations and More Attack Capabilities

A Formal Verification Method for Security Protocol Implementations Based on Model Learning and Tamarin

Research on Security Protocol Analysis Tool SmartVerif

Contact Info

Product

Resources

About