Title :
Validating Attacks on Authentication Protocols
Author :
Hagalisletto, Anders Moen
Author_Institution :
Univ. of Oslo, Oslo
Abstract :
It is possible to show that well-known attacks on authentication protocols are flawed. This is a problem, since good protocols may thus be dismissed rather than improved and poor protocols that might continue to be used although they may contain irreparable errors. This paper describes a novel method for validating attacks on authentication protocols, based on a strategy for checking that all elements of the attack have been legally obtained. A Maude-program which implements the method, identified errors in attacks on the Wide Mouthed Frog and Yahalom authentication protocols. More generally, the paper shows that the method will find all errors in attacks that originates from incompleteness of cryptographic assumptions. The main implications is that new attacks can be effectively validated even when an exhaustive state-space analysis becomes infeasible. We expect that in the future, validation will be an obligatory part in effectively checking the soundness of any attacks on security protocols.
Keywords :
message authentication; protocols; state-space methods; Maude-program; Wide Mouthed Frog protocols; Yahalom authentication protocols; state-space analysis; validating attacks; Authentication; Cryptographic protocols; Cryptography; Jacobian matrices; Law; Legal factors; Logic; Security; Specification languages; State-space methods;
Conference_Titel :
Computers and Communications, 2007. ISCC 2007. 12th IEEE Symposium on
Conference_Location :
Aveiro
Print_ISBN :
978-1-4244-1520-5
Electronic_ISBN :
1530-1346
DOI :
10.1109/ISCC.2007.4381524
