Abstract
AVISPA is a well-known automated tool for analysing and verifying security protocols. Many researchers have used AVISPA to find attacks against individual protocols. Multi-protocol attacks use a combination of messages from different protocols to defeat the security objectives of one or more protocols. To our knowledge, multi-protocol analysis using AVISPA has not been investigated before. We describe how to carry out multi-protocol analysis using AVISPA and present several new attacks against combinations of protocols from a previous case study.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mathuria, A., Singh, A.R., Shravan, P.V., Kirtankar, R.: Some new multi-protocol attacks. In: 15th International Conference on Advanced Computing and Communications (ADCOM 2007), pp. 465–471 (2007)
Alves-Foss, J.: Provably insecure mutual authentication protocols: the two-party symmetric-encryption case. In: 22nd National Information Systems Security Conference, October 1999
Cremers, C.: Feasibility of multi-protocol attacks. In: ARES, pp. 287–294 (2006)
Kojovic, I.: An automatic protocol composition checker. Master’s thesis, Technical University of Denmark (2012)
Cervesato, I.: The Dolev-Yao intruder is the most powerful attacker. In: 16th Annual Symposium on Logic in Computer Science, LICS 2001, pp. 16–19 (2001)
Denning, D.E., Sacco, G.M.: Timestamps in key distribution protocols. Commun. ACM 24(8), 533–536 (1981)
Woo, T.Y., Lam, S.S.: Authentication for distributed systems. Computer 25(1), 39–2 (1992)
Clark, J.A., Jacob, J.L.: A survey of authentication protocol literature. Technical Report 1.0 (1997)
Abadi, M., Needham, R.: Prudent engineering practice for cryptographic protocols. IEEE Trans. Softw. Eng. 22(1), 6–15 (1996)
Perrig, A., Song, D.X.: Looking for diamonds in the desert: extending automatic protocol generation to three-party authentication and key agreement protocols. In: 13th IEEE Computer Security Foundations Workshop, pp. 64–76, July 2000
Zhou, H., Foley, S.N.: Fast automatic synthesis of security protocols using backward search. In: ACM workshop on Formal methods in security engineering (FMSE), pp. 1–10 (2003)
Acknowledgements
We thank the anonymous referees for their helpful comments on a draft of this paper. The second author was supported by a grant from Indo-French (DST-Inria-CNRS) collaborative research program.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Garg, V., Mathuria, A. (2017). On Automated Detection of Multi-Protocol Attacks Using AVISPA. In: Shyamasundar, R., Singh, V., Vaidya, J. (eds) Information Systems Security. ICISS 2017. Lecture Notes in Computer Science(), vol 10717. Springer, Cham. https://doi.org/10.1007/978-3-319-72598-7_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-72598-7_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72597-0
Online ISBN: 978-3-319-72598-7
eBook Packages: Computer ScienceComputer Science (R0)