Title :
Analysis of Authentication Protocols Based on Rubin Logic
Author :
Xu, Yang ; Xie, Xiaoyao
Author_Institution :
Sch. of Comput. Sci. & Technol., Guizhou Univ., Guiyang
Abstract :
Authentication protocols are the basis of security in networks. Therefore, it is essential to ensure that these protocols function correctly. However, it is difficult to design authentication protocols that are immune to malicious attack, since good analysis techniques are lacking. BAN-like logic is one of the main techniques for analysis of authentication protocols, but protocols idealization is the fatal weakness of it. In this paper, Rubin logic which is a new technique for analyzing security protocols is introduced. Two examples of Rubin logic´s applications are given. First example is the Andrew secure RPC protocol using symmetric keys. The second one is the X.509 authentication protocol using asymmetric keys. Not only are the flaws of the protocols got with BAN logic found, but also some previously unknown flaws are found. With the result of the analysis, the new fixes of the two protocols are presented. These are stunning confirmations of the importance of Rubin logic for analyzing protocols.
Keywords :
authorisation; protocols; telecommunication security; BAN logic; Rubin logic; authentication protocols; Authentication; Body sensor networks; Computer science; Computer security; Data security; Information security; Law; Logic; Protocols; Telecommunication traffic;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing, 2008. WiCOM '08. 4th International Conference on
Conference_Location :
Dalian
Print_ISBN :
978-1-4244-2107-7
Electronic_ISBN :
978-1-4244-2108-4
DOI :
10.1109/WiCom.2008.1120
