Skip to main content
SpringerLink
Log in

An attack-finding algorithm for security protocols

  • Regular Papers
  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

This paper proposes an, automatic attack construction algorithm in order to find potential attacks on security protocols. It is based on a dynamic strand space model, which enhances the original strand space model by introducing active nodes on strands so as to characterize the dynamic procedure of protocol execution. With exact causal dependency relations between messages considered in the model, this algorithm can avoid state space explosion caused by asynchronous composition. In order to get a finite state space, a new method called strand-added on demand is exploited, which extends a bundle in an incremental manner without requiring explicit configuration of protocol execution parameters. A finer granularity model of term structure is also introduced, in which subterms are divided into check subterms and data subterms. Moreover, data subterms can be further classified based on the compatible data subterm relation to obtain automatically the finite set of valid acceptable terms for an honest principal. In this algorithm, terms core is designed to represent the intruder’s knowledge compactly, and forward search technology is used to simulate attack patterns easily. Using this algorithm, a new attack on the Dolve-Yao protocol can be found, which is even more harmful because the secret is revealed before the session terminates.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Lowe G. An attack on the Needham-Schroeder public key authentication protocol.Information Processing Letters, 1995, 56(3): 131–136.

    Article  MATH  Google Scholar 

  2. Gritzalis S, Spinellis D, Georgiadis P. Security protocols over open networks and distributed systems: Formal methods for their analysis, design, and verification.Computer Communications 1999, 22(8): 695–707.

    Article  Google Scholar 

  3. Burrows M, Abadi M, Needham R. A logic of authentication.ACM Transactions on Computer Systems, 1990, 8(1): 18–36.

    Article  Google Scholar 

  4. Gong L, Needham R, Yahalom R. Reasoning about belief in cryptographic protocols. InProceedings of the IEEE 1990 Symp. on Security and Privacy, Oakland, California, May, 1990, pp.234–248.

  5. Kindred D. Theory generation for security protocols [Dissertation]. Carnegie Mellon University, 1999.

  6. Brackin S. Automatically detecting most vulnerabilities in cryptographic protocols. In the DARPA Information. Survivability Conference and Exposition, 2000, 1: 222–236.

  7. Mitchell J C, Mitchell M, Stern U. Automated analysis of cryptographic protocols, using Murø InProceedings of the 1997 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, 1997, pp.141–151.

  8. Clarke E M, Jha S, Marrero W. Using state space exploration and a natural deduction style message derivation engine to verify security protocols. InProceedings of the IFIP Working, Conference on Programming Concepts and Methods, New York, 1998.

  9. Lowe G. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. InTools and Algorithms for the Construction and Analysis of Systems, Lecture Notes in Computer Science 1055, Springer-Verlag, 1996, pp.147–166.

  10. Song D. Athena: A new efficient automated checker for security protocol analysis. InProceedings of 12th IEEE Computer Security Foundations Workshop, IEEE Computer Society Press, June, 1999, pp.192–202.

  11. Paulson L. Proving properties of security protocols by induction. InProceedings of the 1997 IEEE Symposium on Research in Security and Privacy, 1997, pp.70–83.

  12. Thayer J F, Herzog J C, Guttman J D. Strand spaces: Proving security protocols correct.Journal of Computer Security, 1999.

  13. Thayer J F, Herzog J C, Guttman J D. Strand space: Why is a security protocol correct? InProceedings of 1998 IEEE Symposium on Security and Privacy, 1998, pp.160–171.

  14. Woo T, Lam S. A semantic model for authentication protocols. InProc. 14th IEEE Symposium on Research in Security and Privacy, Oakland: IEEE Computer Society Press, 1993, pp.178–194.

    Chapter  Google Scholar 

  15. Clark J, Jacob, J. A survey of authentication protocol literature. Available at: http://www.cs.york.ac.uk/-jac/papers/drareviewps.ps, 1997.

  16. Thayer J F, Herzog J C, Guttman J D. Strand space pictures InWorkshop on Formal Methods and Security Protocols, Indianapolis, Indiana, 1998.

  17. Ding Y. A Lazy Approach to Model Checking Authentication Protocols with “Black Boxes”. Available at: http://www.comp.nus.edu.sg/~dingyq.

  18. Mitchell J C, Shmatikov V, Stern U. Finite-state analysis of SSL 3.0. InSeventh USENIX Security Symposium, San Antonio, 1998, pp.201–216.

  19. Abadi M, Needham R. Prudent engineering practice for cryptographic protocols.IEEE Transactions on Software Engineering, 1996 22(1): 5–15.

    Article  Google Scholar 

  20. Hopper N J, Seshia S A, Wing J M. Combining theory generation and model checking for security protocol analysis. Technical Report CMU-CS-00-107, Carnegie Mellon University, 2000.

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Technology, Shanghai Jiaotong University, 200030, Shanghai, P.R. China

    Liu Dongxi, Li Xiaoyong & Bai Yingcai

Authors
  1. Liu Dongxi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Li Xiaoyong
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bai Yingcai
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Liu Dongxi.

Additional information

Supported by the National S219 Engineering under Grant No.2000-A32-09.

LIU Dongxi was born in 1973. He received his B.S. and M.S. degrees in computer science from Taiyuan University of Technology in 1996 and 1999 respectively. Now he is a Ph.D. candidate in the Department of Computer Science and Technology, Shanghai Jiaotong University. His research interests concentrate on security protocols, model checking and software architecture in router.

LI Xiaoyong was born in 1972. He received his B.S. and M.S. degrees in computer science from University of Electronic Science and Technology of China in 1993 and 1999. Now he is a Ph.D. candidate in the Department of Computer Science and Technology, Shanghai Jiaotong University. His research interests include intrusion detection, router architecture and Linux.

BAI Yingcai received his B.S. degree from Tsinghua University in 1961. Now he is a professor as well as a Ph.D. Supervisor in the Department of Computer Science and Technology, Shanghai Jiaotong University. He has published more than 96 papers and 43 books on computer network, and has received 16 awards for his research. His research interests include network management, router architecture, network security and network storage technology.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Liu, D., Li, X. & Bai, Y. An attack-finding algorithm for security protocols. J. Comput. Sci. & Technol. 17, 450–463 (2002). https://doi.org/10.1007/BF02943285

Download citation

  • Received:

  • Revised:

  • Issue Date:

  • DOI: https://doi.org/10.1007/BF02943285

Keywords

Search

Navigation