A Calculus to Detect Guessing Attacks

  • Bogdan Groza
  • Marius Minea
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5735)


We present a calculus for detecting guessing attacks, based on oracles that instantiate cryptographic functions. Adversaries can observe oracles, or control them either on-line or off-line. These relations can be established by protocol analysis in the presence of a Dolev-Yao intruder, and the derived guessing rules can be used together with standard intruder deductions. Our rules also handle partial verifiers that fit more than one secret. We show how to derive a known weakness in the Anderson-Lomas protocol, and new vulnerabilities for a known faulty ATM system.


Dictionary Attack Oracle Access Probabilistic Meaning Decryption Oracle Encryption Oracle 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ding, Y., Horster, P.: Undetectable on-line password guessing attacks. Operating Systems Review 29(4), 77–86 (1995)CrossRefGoogle Scholar
  2. 2.
    Lowe, G.: Analysing protocols subject to guessing attacks. Journal of Computer Security 12(1), 83–98 (2004)CrossRefGoogle Scholar
  3. 3.
    Corin, R., Malladi, S., Alves-Foss, J., Etalle, S.: Guess what? Here is a new tool that finds some new guessing attacks. In: Proc. Workshop on Issues in the Theory of Security, pp. 62–71 (2003)Google Scholar
  4. 4.
    Delaune, S., Jacquemard, F.: A theory of dictionary attacks and its complexity. In: Proc. 17th IEEE Computer Security Foundations Workshop, pp. 2–15 (2004)Google Scholar
  5. 5.
    Drielsma, P.H., Mödersheim, S., Viganò, L.: A formalization of off-line guessing for security protocol analysis. In: Baader, F., Voronkov, A. (eds.) LPAR 2004. LNCS (LNAI), vol. 3452, pp. 363–379. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Corin, R., Doumen, J.M., Etalle, S.: Analysing password protocol security against off-line dictionary attacks. In: Proc. 2nd Int’l. Workshop on Security Issues with Petri Nets and other Computational Models (WISP), pp. 47–63 (2004)Google Scholar
  7. 7.
    Abadi, M., Baudet, M., Warinschi, B.: Guessing attacks and the computational soundness of static equivalence. In: Aceto, L., Ingólfsdóttir, A. (eds.) FOSSACS 2006. LNCS, vol. 3921, pp. 398–412. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Baudet, M.: Deciding security of protocols against off-line guessing attacks. In: Proc. 12th ACM Conf. on Computer and Communications Security, pp. 16–25 (2005)Google Scholar
  9. 9.
    Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: 14th IEEE Computer Security Foundations Workshop, pp. 82–96 (2001)Google Scholar
  10. 10.
    Anderson, R.J., Lomas, T.M.A.: Fortifying key negotiation schemes with poorly chosen passwords. Electronics Letters 30(13), 1040–1041 (1994)CrossRefGoogle Scholar
  11. 11.
    Hole, K.J., Moen, V., Klingsheim, A.N., Tande, K.M.: Lessons from the Norwegian ATM system. IEEE Security and Privacy 5(6), 25–31 (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Bogdan Groza
    • 1
  • Marius Minea
    • 2
  1. 1.Politehnica University of TimişoaraRomania
  2. 2.Institute e-Austria TimişoaraRomania

Personalised recommendations