Security Analysis of Real World Protocols

  • Ling Dong
  • Kefei Chen


Several de facto or industrial standards are widely used in many real world applications are discussed and analyzed via the trusted freshness approach. The typical cryptographic protocols include the Secure Socket Layer Protocol (SSL) and its variant, Transport Layer Security Protocol (TLS), the Internet Key Exchange Protocol (IKE) and the Kerberos Authentication Protocol. From the discussion and the security analysis of these protocols, we will see that it is very challenging to achieve strong security properties of the cryptographic protocols fit for application.


Internet Protocol Authentication Server Internet Protocol Address Secure Socket Layer Transport Layer Security 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Tanenbaum AS (2001) Computer Networks, 3rd edn. Prentice Hall, New Jersey.Google Scholar
  2. [2]
    Freier AO, Karlton P, Kocher PC (1996) The SSL Protocol Version 3.0. Accessed 29 Apr 2007Google Scholar
  3. [3]
    Dierks T, Allen C (1999) the TLS Protocol Version 1.0, RFC 2246. http:// Accessed 21 May 2011Google Scholar
  4. [4]
    Kaufman C (2005) Internet Key Exchange (IKEv2) Protocol, RFC 4306. Accessed Dec 2005Google Scholar
  5. [5]
    Meadows C (1999) Analysis of the Internet Key Exchange Protocol Using the NRL Protocol Analyzer. In: Proceedings of 1999 IEEE Symposium on Security and Privacy, Oakland, 9–12 May 1999Google Scholar
  6. [6]
    Neuman C (1993) The Kerberos Network Authentication Service (V5), RFC 1510. Accessed 5 May 2011Google Scholar
  7. [7]
    Neuman BC, Ts’o T (1994) Kerberos: an Authentication Service for Computer Networks. IEEE Communications Magazine 32(9): 33–38CrossRefGoogle Scholar
  8. [8]
    Ylonen T (1995) The SSH (secure shell) Remote Login Protocol, Internet-Draft. Accessed 15 Nov 1995Google Scholar
  9. [9]
    Ylonen T (2002) SSH Authentication Protocol, RFC4252. http://www.ietf. org/rfc/rfc4252.txt. Accessed 5 May 2011Google Scholar
  10. [10]
    Ylonen T (2002) SSH Connection Protocol, RFC4254. rfc/rfc4254.txt. Accessed 5 May 2011Google Scholar
  11. [11]
    Ylonen T (2002) SSH Protocol Architecture, RFC4251. rfc/rfc4251.txt. Accessed 5 May 2011Google Scholar
  12. [12]
    Ylonen T (2002) SSH Transport Layer Protocol, RFC4253. http://www.ietf. org/rfc/rfc4253.txt. Accessed 5 May 2011Google Scholar
  13. [13]
    Stallings W (2006) Cryptography and Network Security: Principles and Practice, 4th edn. Prentice Hall, New JerseyGoogle Scholar
  14. [14]
    Ray M, Dispensa S (2009) Renegotiating TLS. http://www.phonefactor. com/sslgapdocs/Renegotia-ting TLS.pdf. Accessed 5 May 2011Google Scholar
  15. [15]
    Thayer R, Doraswamy N, Glenn R (1998) IP Security Document Roadmap, RFC2411. Accessed Nov 1998Google Scholar
  16. [16]
    Hoffman P (2005) Cryptographic Suites for IPsec, RFC4308. http://tools. Accessed 5 May 2011Google Scholar
  17. [17]
    Kent S, Atkinson R (1998) IP Authentication Header, RFC2402. http://tools. Accessed 5 May 2011Google Scholar
  18. [18]
    Kent S, Atkinson R (1998) IP Encapsulating Security Payload (ESP), RFC2406. Accessed Nov 1998Google Scholar
  19. [19]
    Harkins D, Carrel D (1998) The Internet Key Exchange Protocol (IKE), RFC 2409. Accessed Dec 2005Google Scholar
  20. [20]
    Kent S (2005) IP Authentication Header, RFC4302. html/rfc4302. Accessed Dec 2005Google Scholar
  21. [21]
    Maughan D, Schertler M, Schneider M, Turner J (1998) Internet Security Association and Key Management Protocol (ISAKMP). IETF RFC 2408. Accessed November 1998Google Scholar
  22. [22]
    Orman H (1998) The OAKLEY Key Determination Protocol. IETF RFC 2412. Accessed November 1998Google Scholar
  23. [23]
    Krawczyk H (1996) SKEME: A Versatile Secure Key Exchange Mechanism for Internet. In: Proceedings of Symposium on Network and Distributed System Security (SNDSS’ 96), San Diego, 22–23 Feb 1996Google Scholar
  24. [24]
    Mao W (2004) Modern Cryptography: Theory and Practice. Prentice Hall, New JerseyGoogle Scholar
  25. [25]
    Lowe G (1996) Some new Attacks Upon Security Protocols. In: Proceedings of the 9th IEEE Computer Security Foundations Workshop, Kenmare, 10–12 Mar 1996Google Scholar
  26. [26]
    Zhu L, Tung B (2006) Public Key Cryptography for Initial Authentication in Kerberos (PKINIT), RFC4556. Accessed 10 June 2010Google Scholar
  27. [27]
    Neuman C, Yu T, Hartman S, Raeburn K (2005) The Kerberos Network Authentication Service (V5). Scholar
  28. [28]
    Wikipedia. Kerberos (protocol). (protocol). Accessed 5 Dec 2011Google Scholar
  29. [29]
    Microsoft Security Bulletin MS05-042. security/bulletin/ms05-042.mspx. Accessed 9 Aug 2010Google Scholar
  30. [30]
    Strasser M, Steffen A (2002) Kerberos PKINIT Implementation for Unix Clients. Technical Report, Zurich University of Applied Sciences Winterthur, Nov 2010Google Scholar
  31. [31]
    Cervesato I, Jaggard AD, Scedrov A, Tsay JK, Walstad C (2008) Breaking and Fixing Public-key Kerberos. Journal Information and Computation 206(2➃): 402–424MathSciNetzbMATHCrossRefGoogle Scholar

Copyright information

© Higher Education Press, Beijing and Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Ling Dong
    • 1
  • Kefei Chen
    • 1
  1. 1.Dept. of Computer Science and EngineeringShanghai Jiaotong UniversityShanghaiP.R. China

Personalised recommendations