Common use of Security Analysis Clause in Contracts

Security Analysis. We analyze that some well-known security threats cannot work on our proposed scheme. Case 1. can observe the network activities of B. Since the trust of B believing the received message de- pends on the response of the server S, has to forge VA for passing the verification of S. By our Definition 2, it is hard for A to derive the secret point dA ∗ dS ∗ Q by using the points UA and US. Case 2. can observe the network activities of S. Since the trust of S believing the received message de- pends on the verification of VA and VB, A has to forge VA and VB for passing the verifications. The reason is the same as Case 1. By our Definition 2, this way is infeasible. Case 3. wants to forge the responses of S. Since the trust of A and B believing the responses are sent from S depends on the verification of VSA and VSB. The goal of is to forge VSA and VSB for passing the verifications. By our Definition 2, it is computationally infeasible for A to calculate the points rA ∗ dS ∗ Q and rB ∗ dS ∗ Q. It implies that cannot forge the points (VSA, VSB). The man-in-the-middle attack does not work in our scheme.

Security Analysis. We analyze that some well-known security threats cannot work on our proposed scheme. Case 1. can observe the network activities of B. Since the trust of B believing the received message de- pends on the response of the server S, has to forge VA for passing the verification verification of S. By our Definition Definition 2, it is hard for A to derive the secret point dA ∗ dS ∗ Q by using the points UA and US. Case 2. can observe the network activities of S. Since the trust of S believing the received message de- pends on the verification verification of VA and VB, A has to forge VA and VB for passing the verificationsverifications. The reason is the same as Case 1. By our Definition Definition 2, this way is infeasible. Case 3. wants to forge the responses of S. Since the trust of A and B believing the responses are sent from S depends on the verification verification of VSA and VSB. The goal of is to forge VSA and VSB for passing the verificationsverifications. By our Definition Definition 2, it is computationally infeasible for A to calculate the points rA ∗ dS ∗ Q and rB ∗ dS ∗ Q. It implies that cannot forge the points (VSA, VSB). The man-in-the-middle attack does not work in our scheme. of the trusted server and believe the communicated party is correct. No outsider or any valid malicious user can launch the attack successfully.