DocumentCode
1726817
Title
Symmetry in Security Protocol Cryptographic Messages -- A Serious Weakness Exploitable by Parallel Session Attacks
Author
Jurcut, A. ; Coffey, Tom ; Dojen, Reiner
Author_Institution
Dept. of Electron. & Comput. Eng., Univ. of Limerick, Limerick, Ireland
fYear
2012
Firstpage
410
Lastpage
416
Abstract
This paper is concerned with detection and prevention of weaknesses in the design of security protocols. These weaknesses can be exploited by an attacker mounting attacks that compromise the security of the protocol. A novel theory defining weaknesses caused by the symmetry of cryptographic messages in protocols is introduced. This theory incorporates new rules describing the cases when the symmetry of messages has a structural weakness that is exploitable by parallel session attacks. Further, the rationale behind the Symmetry rules is presented and the structures of detected generic attacks for each rule are provided. Additionally, the Symmetry rules are applied to a protocol that is vulnerable to a parallel session attack. It is demonstrated that the proposed theory successfully detects the weaknesses caused by the symmetry of protocol messages, which lead to parallel session attacks.
Keywords
computer network security; cryptographic protocols; attack detection; computer network security; parallel session attacks; security protocol cryptographic message symmetry; security protocol design; structural weakness; symmetry rules; weakness exploitation; weakness prevention; Authentication; Cryptography; Generators; Niobium; Protocols; Strontium; Security protocols; Symmetry rules; attack detection; cryptographic messages; parallel session attacks; symmetry; weaknesses;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security (ARES), 2012 Seventh International Conference on
Conference_Location
Prague
Print_ISBN
978-1-4673-2244-7
Type
conf
DOI
10.1109/ARES.2012.39
Filename
6329212
Link To Document