Title :
Design requirements to counter parallel session attacks in security protocols
Author :
Jurcut, Anca D. ; Coffey, Tom ; Dojen, Reiner
Author_Institution :
Univ. of Limerick, Limerick, Ireland
Abstract :
This work is concerned with the possible exploitation of weaknesses in security protocols by attackers using parallel session attacks and discovering ways of eliminating these weaknesses. A new analysis is presented on the reasons why security protocols, with certain weaknesses in their design, are vulnerable to parallel session attacks. Building on this analysis a new set of design requirements is proposed, whose aim is to eliminate these vulnerabilities. The proposed set of design requirements is evaluated by applying them to a range of security protocols with known weaknesses as well as protocols known to be free of these weaknesses. The results of the evaluation indicate that the set of design requirements are effective as: protocols with known weaknesses violate some of the rules, while protocols without weaknesses do not violate any of the rules.
Keywords :
cryptographic protocols; cryptographic expression; design requirements; parallel session attacks; security protocols; Encryption; Generators; Protocols; Public key; Receivers; design requirements; parallel session attacks; security protocols;
Conference_Titel :
Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on
Conference_Location :
Toronto, ON
Print_ISBN :
978-1-4799-3502-4
DOI :
10.1109/PST.2014.6890952
