Security Protocol Design: A Case Study Using Key Distribution Protocols
نویسندگان
چکیده
Nowadays security protocols are a key component in providing security services for fixed and mobile networks. These services include data confidentiality, radio link encryption, message integrity, mobile subscriber authentication, electronic payment, certified e-mail, contract signing and nonrepudiation. This paper is concerned with design of effective security protocols. Security protocols are introduced and some common attacks against security protocols are discussed. The vulnerabilities that lead to the attacks are analyzed and guidelines for effective security protocol design are proposed. The presented guidelines are applied to the Andrew Secure RPC protocol and its adapted versions. It is demonstrated that compliance with the guidelines successfully avoids freshness and parallel session attacks.
منابع مشابه
Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
متن کاملExtending CAPSL for Logic-Based Verifications
Cryptographic protocols are designed to provide security services, such as key distribution, authentication and non-repudiation, over insecure networks. The design process of cryptographic protocols is highly complex. In particular, the translation from the informal protocol description to the formal protocol specification is an error-prone step, as the exact meaning of the requirements of the ...
متن کاملDesign of an Efficient Security Protocol Analyzer
In this paper, we present a efficient security protocol analyzer to verify cryptographic security protocols. Our analyzer verifies security protocols based on notions of provable security. The analyzer only checks whether the core properties of security protocols satisfy the notions, making it faster than previous tools. The analyzer automatically checks whether authentication and key distribut...
متن کاملProcess algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
متن کاملPractical applications of performance modelling of security protocols using PEPA
Trade-off between security and performance has become an intriguing area in recent years in both the security and performance communities. As the security aspects of security protocol research is fully-fledged, this thesis is therefore devoted to conducting a performance study of these protocols. The long term objective is to translate formal definitions of security protocols to formal performa...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009