
Informal Analysis Schemes of Cryptographic Protocols


Abstract

Four security definitions are given under the computational model of matching conversation and indistinguishability: unilateral authentication security, mutual authentication security, unilateral session key security, and mutual session key security. An informal analysis approach based on trusted freshness is presented; its results either suggest that a protocol is correct or, from the absence of security properties, show intuitively how to construct attacks. The reasons why typical attacks on authentication protocols exist are then discussed based on trusted freshness, with corresponding examples to corroborate the discussion.




Copyright information

© 2012 Higher Education Press, Beijing and Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Dong, L., Chen, K. (2012). Informal Analysis Schemes of Cryptographic Protocols. In: Cryptographic Protocol. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24073-7_4


  • DOI: https://doi.org/10.1007/978-3-642-24073-7_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24072-0

  • Online ISBN: 978-3-642-24073-7

  • eBook Packages: Computer Science (R0)
