Title :
Symmetry in Security Protocol Cryptographic Messages -- A Serious Weakness Exploitable by Parallel Session Attacks
Author :
Jurcut, A. ; Coffey, Tom ; Dojen, Reiner
Author_Institution :
Dept. of Electron. & Comput. Eng., Univ. of Limerick, Limerick, Ireland
Abstract :
This paper is concerned with detection and prevention of weaknesses in the design of security protocols. These weaknesses can be exploited by an attacker mounting attacks that compromise the security of the protocol. A novel theory defining weaknesses caused by the symmetry of cryptographic messages in protocols is introduced. This theory incorporates new rules describing the cases when the symmetry of messages has a structural weakness that is exploitable by parallel session attacks. Further, the rationale behind the Symmetry rules is presented and the structures of detected generic attacks for each rule are provided. Additionally, the Symmetry rules are applied to a protocol that is vulnerable to a parallel session attack. It is demonstrated that the proposed theory successfully detects the weaknesses caused by the symmetry of protocol messages, which lead to parallel session attacks.
Keywords :
computer network security; cryptographic protocols; attack detection; computer network security; parallel session attacks; security protocol cryptographic message symmetry; security protocol design; structural weakness; symmetry rules; weakness exploitation; weakness prevention; Authentication; Cryptography; Generators; Niobium; Protocols; Strontium; Security protocols; Symmetry rules; attack detection; cryptographic messages; parallel session attacks; symmetry; weaknesses;
Conference_Titel :
Availability, Reliability and Security (ARES), 2012 Seventh International Conference on
Conference_Location :
Prague
Print_ISBN :
978-1-4673-2244-7
DOI :
10.1109/ARES.2012.39
