Abstract
Many methods of analysing security protocols have been proposed, but most such methods rely on analysing a protocol running only on a finite network. Some, however—notably, data independence, the strand spaces model, and the rank functions model—can be used to prove correctness of a protocol running on an unbounded network.
Roscoe and Broadfoot in [17] show how data independence techniques may be used to verify a security protocol running on an unbounded network. They also consider a weakness inherent in the RSA algorithm, discovered by Franklin and Reiter [3], and show that their data independence approach cannot deal with an intruder endowed with the ability to exploit this weakness.
In this paper, we show that neither can the use of honest ideals in the strand spaces model or the use of rank functions in the CSP model be easily adapted to cover such an intruder. In each case, the inequality tests required to model the new intruder cause problems when attempting to extend analysis of a finite network to cover an unbounded network. The results suggest that more work is needed on adapting the intruder model to allow for cryptographic attacks.
References
[1] D. Coppersmith, M. Franklin, J. Patarin, and M. Reiter. Low-exponent RSA with related messages. Lecture Notes in Computer Science, 1070, 1996.
[2] Danny Dolev and Andrew C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 1983.
[3] M. Franklin and M. Reiter. A linear protocol failure for RSA with exponent three. 1995. Presented at the Rump Session of Crypto ’95, Santa Barbara, CA.
[4] Joshua D. Guttman and F. Javier Thayer Fábrega. Authentication Tests. In Proceedings of the 2000 IEEE Symposium on Security and Privacy. IEEE Computer Security Press, May 2000.
[5] Joshua D. Guttman and F. Javier Thayer Fábrega. Protocol Independence through Disjoint Encryption. Proceedings of 13th IEEE Computer Security Foundations Workshop, pages 24–34, June 2000.
[6] James A. Heather. Exploiting a weakness of RSA. Master’s thesis, Oxford University Computing Laboratory, September 1997.
[7] James A. Heather. ‘Oh!... Is it really you?’—Using rank functions to verify authentication protocols. Department of Computer Science, Royal Holloway, University of London, December 2000.
[8] James A. Heather, Gavin Lowe, and Steve A. Schneider. How to avoid type flaw attacks on security protocols. Proceedings of 13th IEEE Computer Security Foundations Workshop, June 2000.
[9] James A. Heather and Steve A. Schneider. Towards automatic verification of authentication protocols on an unbounded network. Proceedings of 13th IEEE Computer Security Foundations Workshop, June 2000.
[10] C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall International, 1985.
[11] Ranko S. Lazić. A semantic study of data-independence with applications to the mechanical verification of concurrent systems. PhD thesis, University of Oxford, 1997.
[12] Ranko S. Lazić. Theorems for Mechanical Verification of Data-Independent CSP. Technical report, Oxford University Computing Laboratory, 1997.
[13] Gavin Lowe. Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR. In Proceedings of TACAS, volume 1055 of Lecture Notes in Computer Science, pages 147–166. Springer-Verlag, 1996.
[14] Roger M. Needham and Michael D. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12):993–999, December 1978.
[15] Ron L. Rivest, Adi Shamir, and Leonard Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126, 1978.
[16] A.W. Roscoe. The Theory and Practice of Concurrency. Prentice-Hall International, 1998.
[17] A.W. Roscoe and Philippa J. Broadfoot. Proving security protocols with model checkers by data independence techniques. Journal of Computer Security, 1999.
[18] Steve A. Schneider. Verifying authentication protocols in CSP. IEEE TSE, 24(9), September 1998.
[19] Steve A. Schneider. Concurrent and real-time systems: the CSP approach. John Wiley & Sons, 1999.
[20] Scott D. Stoller. A bound on attacks on authentication protocols. In Proceedings of the 2nd IFIP International Conference on Theoretical Computer Science (TCS), Kluwer, 2002.
[21] F. Javier Thayer Fábrega, Jonathan C. Herzog, and Joshua D. Guttman. Honest ideals on strand spaces. Proceedings of 11th IEEE Computer Security Foundations Workshop, June 1998.
[22] F. Javier Thayer Fábrega, Jonathan C. Herzog, and Joshua D. Guttman. Strand spaces: Why is a security protocol correct? Proceedings of the 1998 IEEE Symposium on Security and Privacy, May 1998.
[23] F. Javier Thayer Fábrega, Jonathan C. Herzog, and Joshua D. Guttman. Mixed strand spaces. Proceedings of 12th IEEE Computer Security Foundations Workshop, pages 72–82, June 1999.
[24] F. Javier Thayer Fábrega, Jonathan C. Herzog, and Joshua D. Guttman. Strand spaces: Proving security protocols correct. Journal of Computer Security, 7(2,3):191–230, 1999.
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Heather, J., Schneider, S. (2002). Equal To The Task?. In: Gollmann, D., Karjoth, G., Waidner, M. (eds) Computer Security — ESORICS 2002. ESORICS 2002. Lecture Notes in Computer Science, vol 2502. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45853-0_10
DOI: https://doi.org/10.1007/3-540-45853-0_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44345-2
Online ISBN: 978-3-540-45853-1
eBook Packages: Springer Book Archive