User interaction constitutes a largely unexplored field in protocol analysis, even in instances where the user takes an active role as a trusted third party, such as in the Internet of Things (IoT) device initialization protocols. Initializing the formal modeling of 3-party authentication protocols where one party is a physical user, this research introduces the 3-party possession user-mediated authentication (3-PUMA) model. The 3-PUMA model addresses active user participation in a protocol which is designed to authenticate possession of a fixed data string—such as in IoT device commissioning. Using the 3-PUMA model, we provide a computational analysis of the ISO/IEC 9798-6:2010 standard’s Mechanism 7a authentication protocol which includes a user interface and interaction as well as a device-to-device channel. Furthermore, we introduce existential unforgeability under key collision attacks (EUF-KCA) and provide a corresponding security experiment. We show that the security of ISO/IEC 9798-6:2010 Mechanism 7a relies upon EUF-KCA MAC security. Since it is unknown whether any standardized MAC algorithm achieves EUF-KCA security, this research demonstrates a potential vulnerability in the standard.

即使在用户扮演受信任的第三方的主动角色的情况下（例如在物联网（IoT）设备初始化协议中），用户交互也构成协议分析中未开发的领域。初始化其中一方是物理用户的3方身份验证协议的正式模型，本研究介绍了3方拥有用户介导的身份验证（3-PUMA）模型。3-PUMA模型解决了用户积极参与协议的问题，该协议旨在验证对固定数据字符串的拥有权，例如在IoT设备调试中。使用3-PUMA模型，我们对ISO / IEC 9798-6：2010标准的7a机制认证协议进行了计算分析，该协议包括用户界面和交互以及设备到设备通道。此外，我们介绍了在密钥冲突攻击（EUF-KCA）下存在的不可伪造性，并提供了相应的安全性实验。我们表明，ISO / IEC 9798-6：2010机制7a的安全性依赖于EUF-KCA MAC安全性。由于尚不清楚任何标准化的MAC算法是否能达到EUF-KCA安全性，因此本研究证明了该标准中的潜在漏洞。