A Formal Analysis for Capturing Replay Attacks in Cryptographic Protocols

نویسندگان

Han Gao

Chiara Bodei

Pierpaolo Degano

Hanne Riis Nielson

چکیده

We present a reduction semantics for the LYSA calculus extended with session information, for modelling cryptographic protocols, and a static analysis for it. If a protocol passes the analysis then it is free of replay attacks and thus preserves freshness. The analysis has been implemented and applied to a number of protocols, including both original and corrected version of Needham-Schroeder protocol. The experiment results show that the analysis is able to capture potential replay attacks.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Typed Specification for Security Protocols

Security protocol attacks are known to have various sources, from flawed implementations, to running parallel sessions of the same protocol. Because of this attack diversity, it is quite difficult (or impossible) to create an abstract model that is suitable for analyzing a protocol against all possible attacks. However, if we categorize the attacks based on their characteristics we should be ab...

متن کامل

Categorizing Attacks on Cryptographic Protocols Based on Intruders' Objectives and Roles

A taxonomy of cryptographic protocol attacks is helpful for cryptographic protocol analysis. There are taxonomies of cryptographic protocol awss5, 9] and a taxonomy of replay attacks in terms of message origin and destinationn25]. This paper presents an attack taxonomy based on an intruder's objectives when launching attacks and the roles s/he plays. Understanding an intruder's possible behavio...

متن کامل

An Abstract Model for Security Protocol Analysis

Security protocol analysis techniques are today mature enough to verify multiple properties of security protocols (correctness, secrecy, authentication). However, because security protocols are growing each day and more complex situations arise (like multi-protocol environments), we consider that the analysis process should be simplified by creating an abstract model for security protocols that...

متن کامل

A Taxonomy of Replay Attacks

This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination. The taxonomy is independent of any method used to analyze or prevent such attacks. It is also complete in the sense that any replay attack is composed entirely of elements classi ed by the taxonomy. The classi cation of attacks is illustrated using both new and previously know...

متن کامل

Strategies against Replay Attacks

The goal of this paper is to present a set of design principles for avoiding replay attacks in cryptographic protocols. The principles are easily applied to real protocols and they do not consume excessive computing power or communications bandwidth. In particular, we describe how to type-tag messages with unique cryptographic functions, how to inexpensively implement the full information princ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2007

A Formal Analysis for Capturing Replay Attacks in Cryptographic Protocols

نویسندگان

چکیده

منابع مشابه

A Typed Specification for Security Protocols

Categorizing Attacks on Cryptographic Protocols Based on Intruders' Objectives and Roles

An Abstract Model for Security Protocol Analysis

A Taxonomy of Replay Attacks

Strategies against Replay Attacks

عنوان ژورنال:

اشتراک گذاری