Advertisement

Authentication Protocol Analysis

  • Jonathan Millen

Abstract

We take a closer look at some of the limitations of current analysis approaches, and mention some work and open problems related to expanding their scope.

Keywords

cryptographic authentication protocol analysis decidable network security constraint solver 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [Abadi and Rogaway, 2002]
    M. Abadi and P. Rogaway (2003). Reconciling two views of cryptography. J. Cryptology (15)2, pages 103–127.MathSciNetGoogle Scholar
  2. [Burrows, Abadi, and Needham, 1990]
    M. Burrows, M. Abadi and R. Needham (1990). A logic of authentication. ACM Transactions on Computer Systems 8(1), pages 18–36.CrossRefGoogle Scholar
  3. [Blanchet, 2001]
    B. Blanchet (2001) An efficient cryptographic protocol verifier based on Prolog rules. 14th IEEE Computer Security Foundations Workshop, pages 82–96.Google Scholar
  4. [Bleichenbacher, 1998]
    D. Bleichenbacher (1998). Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1. In Advances in Cryptology — CRYPTO '98, volume 1462 of LNCS, pages 1–12. Springer.zbMATHGoogle Scholar
  5. [Basin, et al., 2003]
    D. Basin, S. Moedersheim, and L. Vigano (2003). Constraint differentiation: A new reduction technique for constraint-based analysis of security protocols. In ACM Conference on Computer and Communication Security. ACM SIGSAC.Google Scholar
  6. [Backes, et al., 2003]
    M. Backes, B. Pfitzmann, and M. Waidner (2003). A composable cryptographic library with nested operations. In ACM Conference on Computer and Communications Security. ACM SIGSAC, 2003.Google Scholar
  7. [Comon, et al., 2001]
    Hubert Comon, Véronique Cortier, and John Mitchell (2001). Tree automata with one memory, set constraints, and ping-pong protocols. Lecture Notes in Computer Science, 2076, pages 682–693.Google Scholar
  8. [Corin and Etalle, 2002]
    R. Corin and S. Etalle (2002). An improved constraint-based system for the verification of security protocols. In 9th Int. Static Analysis Symp. (SAS), volume LNCS 2477, pages 326–341. Springer-Verlag.MathSciNetGoogle Scholar
  9. [Chevalier, et al., 2003]
    Y. Chevalier, R. Kuesters, M. Rusinowitch and M. Turuani (2003). Deciding the security of protocols with Diffie-Hellman exponentiation and products in exponents. IFI-Report 0305, CAU Kiel.Google Scholar
  10. [Durgin, et al., 1999]
    N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov (1999). Undecidability of bounded security protocols. Formal Methods and Security Protocols, FLOC 99.Google Scholar
  11. [Denning and Sacco, 1981]
    D. Denning and G. Sacco (1981). Timestamps in key distribution protocols. Communications of the ACM 24(8).Google Scholar
  12. [Dolev and Yao, 1983]
    D. Dolev and A. Yao (1983). On the security of public key protocols. IEEE Transactions on Information Theory, IT-29. pages 198–208, Also STAN-CS-81-854, May 1981, Stanford U.MathSciNetCrossRefGoogle Scholar
  13. [Even and Goldreich, 1983]
    S. Even and O. Goldreich (1983). On the security of multi-party ping-pong protocols. 24th IEEE Symposium on Foundations of Computer Science.Google Scholar
  14. [Heather, et al., 2003]
    J. Heather, G. Lowe and S. Schneider (2003). How to prevent type flaw attacks on security protocols. 13th IEEE Computer Security Foundations Workshop, pages 255–268.Google Scholar
  15. [Huima, 1999]
    A. Huima (1999). Efficient infinite-state analysis of security protocols. In Workshop on Formal Methods and Security Protocols, FLOC.Google Scholar
  16. [Lowe, 1996]
    G. Lowe (1996). Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proceedings of TACAS, volume 1055 of Lecture Notes in Computer Science, pages 147–166. Springer-Verlag.Google Scholar
  17. [Lynch and Meadows, 2004]
    C. Lynch and C. Meadows (2004). On the relative soundness of the free algebra model for public key encryption. In Workshop on Issues in the Theory of Security (WITS), IFIP WG 1.7.Google Scholar
  18. [Meadows and Narendran, 2002]
    C. Meadows and P. Narendran (2002). A unification algorithm for the group Diffie-Hellman protocol. Workshop on Issues in the Theory of Security (WITS 02), pages 1–10.Google Scholar
  19. [Millen, 2003]
    J. Millen (2003). On the freedom of decryption. Information Processing Letters, 86(6): pages 329–333.MathSciNetCrossRefGoogle Scholar
  20. [Millen and Shmatikov, 2001]
    J. Millen and V. Shmatikov (2001). Constraint solving for bounded-process cryptographic protocol analysis. In 8th ACM Conference on Computer and Communication Security, pages 166–175. ACM SIGSAC, November.Google Scholar
  21. [Millen and Shmatikov, 2003]
    J. Millen and V. Shmatikov (2003). Symbolic protocol analysis with products and Diffie-Hellman exponentiation. 16th IEEE Computer Security Foundations Workshop, pages 47–61.Google Scholar
  22. [Needham and Schroeder, 1978]
    R. Needham and M. Schroeder (1978). Using encryption for authentication in large networks of computers. Communications of the ACM (21)12, December, pages 993–998.CrossRefGoogle Scholar
  23. [Pereira and Quisquater, 2001]
    O. Pereira and J. Quisquater (2001). A security analysis of the Cliques protocol suites. 14th IEEE Computer Security Foundations Workshop, pages 73–81.Google Scholar
  24. [Perrig and Song, 2000]
    A. Perrig and D. Song (2000). A first step toward the automatic generation of security protocols. Network and Distributed System Security Symposium.Google Scholar
  25. [Rusinowitch and Turuani, 2001]
    M. Rusinowitch and M. Turuani (2001). Protocol insecurity with finite number of sessions is NP-complete. In 14th IEEE Computer Security Foundations Workshop, pages 174–190. IEEE Computer Society.Google Scholar
  26. [Song, 1999]
    D. Song (1999). Athena: a new efficient automatic checker for security protocol analysis. In 12th IEEE Computer Security Foundations Workshop, pages 192–202. IEEE Computer Society.Google Scholar
  27. [Thayer, et al., 1999]
    J. Thayer, J. Herzog, and J. Guttman (1999). Strand spaces: proving security protocols correct. Journal of Computer Security, 7(2/3): pages 191–230.Google Scholar

Copyright information

© Springer Science+Business Media, Inc. 2005

Authors and Affiliations

  • Jonathan Millen
    • 1
  1. 1.SRI InternationalMenlo ParkUSA

Personalised recommendations