Abstract
AVISPA is a well-known automated tool for analysing and verifying security protocols. Many researchers have used AVISPA to find attacks against individual protocols. Multi-protocol attacks use a combination of messages from different protocols to defeat the security objectives of one or more protocols. To our knowledge, multi-protocol analysis using AVISPA has not been investigated before. We describe how to carry out multi-protocol analysis using AVISPA and present several new attacks against combinations of protocols from a previous case study.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mathuria, A., Singh, A.R., Shravan, P.V., Kirtankar, R.: Some new multi-protocol attacks. In: 15th International Conference on Advanced Computing and Communications (ADCOM 2007), pp. 465–471 (2007)
Alves-Foss, J.: Provably insecure mutual authentication protocols: the two-party symmetric-encryption case. In: 22nd National Information Systems Security Conference, October 1999
Cremers, C.: Feasibility of multi-protocol attacks. In: ARES, pp. 287–294 (2006)
Kojovic, I.: An automatic protocol composition checker. Master’s thesis, Technical University of Denmark (2012)
Cervesato, I.: The Dolev-Yao intruder is the most powerful attacker. In: 16th Annual Symposium on Logic in Computer Science, LICS 2001, pp. 16–19 (2001)
Denning, D.E., Sacco, G.M.: Timestamps in key distribution protocols. Commun. ACM 24(8), 533–536 (1981)
Woo, T.Y., Lam, S.S.: Authentication for distributed systems. Computer 25(1), 39–2 (1992)
Clark, J.A., Jacob, J.L.: A survey of authentication protocol literature. Technical Report 1.0 (1997)
Abadi, M., Needham, R.: Prudent engineering practice for cryptographic protocols. IEEE Trans. Softw. Eng. 22(1), 6–15 (1996)
Perrig, A., Song, D.X.: Looking for diamonds in the desert: extending automatic protocol generation to three-party authentication and key agreement protocols. In: 13th IEEE Computer Security Foundations Workshop, pp. 64–76, July 2000
Zhou, H., Foley, S.N.: Fast automatic synthesis of security protocols using backward search. In: ACM workshop on Formal methods in security engineering (FMSE), pp. 1–10 (2003)
Acknowledgements
We thank the anonymous referees for their helpful comments on a draft of this paper. The second author was supported by a grant from Indo-French (DST-Inria-CNRS) collaborative research program.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Garg, V., Mathuria, A. (2017). On Automated Detection of Multi-Protocol Attacks Using AVISPA. In: Shyamasundar, R., Singh, V., Vaidya, J. (eds) Information Systems Security. ICISS 2017. Lecture Notes in Computer Science(), vol 10717. Springer, Cham. https://doi.org/10.1007/978-3-319-72598-7_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-72598-7_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72597-0
Online ISBN: 978-3-319-72598-7
eBook Packages: Computer ScienceComputer Science (R0)