Abstract
This paper proposes the improved authentication tests in order to find the potential attacks on security protocols. It is based on the authentication tests theory and enhances the original methods by introducing the notion of message type. Formalized definition of replay attacks have been integrated into the original theoretical models for further verification of security protocols. The thoroughly proof of initial and subsequent authentications in Neuman-Stubblebine protocol shows that the improved authentication tests can find flaws of the protocol more efficiently than the original ones.
This work was supported by the National 863 Project under Grant No. 2005AA145110.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Joshua, D.G., Thayer, F.J.: Authentication tests. In: Proceedings of 2000 IEEE Symposium on Security and Privacy, pp. 96–109. IEEE Computer Society Press, Oakland CA (2000)
Joshua, D.G., Thayer, F.J.: Authentication tests and the structure of bundles. Theoretical Computer Science 283, 333–380 (2002)
Guttman, J.D.: Authentication tests and disjoint encryption: A design method for security protocols. Journal of Computer Security 12(3-4), 409–433 (2004)
QingGuang, J., SiHan, Q., YongBin, Z., DengGuo, F.: Study on strand space model. Journal of Computer Science and Technology 18(5), 553–570 (2003)
Syverson, P.: Towards a strand semantics for authentication logic. Electronic Notes in Theoretical Computer Science 20, 62–72 (2000)
Dongxi, L., Xiaoyong, L., Yingcai, B.: An attack-finding algorithm for security protocols. Journal of Computer Science and Technology 17(4), 450–463 (2002)
Athena, S.D.: A new efficient automatic checker for security protocol analysis. In: Proceedings of the 1999 IEEE Computer Security Foundations Workshop, pp. 192–202. IEEE Computer Society Press, Los Alamitos (1999)
Perrig, A., Song, D.: Looking for diamonds in the desert-extending automatic protocol generation to three-party authentication and key agreement. In: Proceedings of the 13th IEEE Computer Security Foundations Workshop, pp. 64–76. IEEE Computer Society Press, Los Alamitos (2000)
Hwang, T., Lee, N.Y., Li, C.M., Ko, M.Y., Chen, Y.H.: Two attacks on Neuman-Stubblebine authentication protocols. Information Processing Letters 53, 103–107 (1995)
Javier Thayer Fabrega, F., Herzog, J.C., Guttman, J.D.: Strand space: why is a security protocol correct? Journal of Computer Security 7(2,3), 191–230 (1999)
Neuman, B.C., Stubblebine, S.G.: A note on the use of timestamps as nonces. Operating Systems Review 27(2), 10–14 (1993)
Gurgens, S.: A formal analysis technique for authentication protocols. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 159–176. Springer, Heidelberg (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, X., Yang, S., Li, J., Zhu, H. (2006). Security Protocol Analysis with Improved Authentication Tests. In: Chen, K., Deng, R., Lai, X., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2006. Lecture Notes in Computer Science, vol 3903. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11689522_12
Download citation
DOI: https://doi.org/10.1007/11689522_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33052-3
Online ISBN: 978-3-540-33058-5
eBook Packages: Computer ScienceComputer Science (R0)