  • DocumentCode
    1726817
  • Title
    Symmetry in Security Protocol Cryptographic Messages -- A Serious Weakness Exploitable by Parallel Session Attacks
  • Author
    Jurcut, A.; Coffey, Tom; Dojen, Reiner
  • Author_Institution
    Dept. of Electron. & Comput. Eng., Univ. of Limerick, Limerick, Ireland
  • fYear
    2012
  • Firstpage
    410
  • Lastpage
    416
  • Abstract
    This paper is concerned with detection and prevention of weaknesses in the design of security protocols. These weaknesses can be exploited by an attacker mounting attacks that compromise the security of the protocol. A novel theory defining weaknesses caused by the symmetry of cryptographic messages in protocols is introduced. This theory incorporates new rules describing the cases when the symmetry of messages has a structural weakness that is exploitable by parallel session attacks. Further, the rationale behind the Symmetry rules is presented and the structures of detected generic attacks for each rule are provided. Additionally, the Symmetry rules are applied to a protocol that is vulnerable to a parallel session attack. It is demonstrated that the proposed theory successfully detects the weaknesses caused by the symmetry of protocol messages, which lead to parallel session attacks.
  • Keywords
    computer network security; cryptographic protocols; attack detection; parallel session attacks; security protocol cryptographic message symmetry; security protocol design; structural weakness; symmetry rules; weakness exploitation; weakness prevention; Authentication; Cryptography; Generators; Niobium; Protocols; Strontium; Security protocols; cryptographic messages; symmetry; weaknesses
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2012 Seventh International Conference on
  • Conference_Location
    Prague
  • Print_ISBN
    978-1-4673-2244-7
  • Type
    conf
  • DOI
    10.1109/ARES.2012.39
  • Filename
    6329212