计算机工程与科学2025,Vol.47Issue(6):998-1007,10.DOI:10.3969/j.issn.1007-130X.2025.06.006
OpenVPN协议颠覆攻击技术研究
Research on OpenVPN protocol subversion attack technology
李子玉 1何俊 1刘羿希1
作者信息
- 1. 国防科技大学信息通信学院,湖北武汉 430000
- 折叠
摘要
Abstract
OpenVPN,as a typical application for channel encryption,faces severe threats from large-scale surveillance and subversion attacks on its security.By studying the communication characteristics of the four stages of the protocol and conducting a detailed analysis of the attack surfaces and conditions at each stage,researchers construct a security game model and attack framework for subversion attacks targeting the data encryption and decryption stages of the OpenVPN protocol.To address the challenge of traditional models struggling to accurately assess attack effectiveness in complex real-world communi-cation environments,a definition of attack advantage is proposed,with data decryption probability serv-ing as the primary evaluation criterion.This aids in a more precise quantitative assessment of attack ef-fectiveness under the influence of different factors.Based on this,an Ⅳ(Initialization Vector)replace-ment attack method is designed and instantiated,with the fundamental properties of the attack method proven.Systematic analysis and comparison of attack advantages against different encryption algorithms of the OpenVPN protocol are conducted,and specific mitigation measures are proposed.关键词
大规模监视/颠覆攻击/OpenVPN协议Key words
mass surveillance/subversion attack/OpenVPN protocol分类
计算机与自动化引用本文复制引用
李子玉,何俊,刘羿希..OpenVPN协议颠覆攻击技术研究[J].计算机工程与科学,2025,47(6):998-1007,10.
