Determining a parallel session attack on a key distribution protocol using a model checker

Vladimir Paşca; Reiner Dojen; Anca Jurcut; Tom Coffey

doi:10.1145/1497185.1497218

Determining a parallel session attack on a key distribution protocol using a model checker

Vladimir Paşca, Reiner Dojen, Anca Jurcut, Tom Coffey

Department of Electronics & Computer Engineering

University of Limerick

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The use of security protocols to protect sensitive information is critical. However, flaws in the design of security protocols can make them ineffective. This paper discusses various attacks against security protocols that exploit weaknesses in their design and a key-distribution protocol is analysed using a model checker. The analysis reveals weaknesses in the protocol, which can be exploited in a parallel session attack that allows an attacker to impersonate a legitimate principal. Correction to the protocol are proposed and a formal analysis of the fix is presented. The results of this analysis provide confidence in the correctness and effectiveness of the proposed corrected protocol. Copyright ACM 2008.

Original language	English
Title of host publication	MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia
Pages	150-155
Number of pages	6
DOIs	https://doi.org/10.1145/1497185.1497218
Publication status	Published - 2008
Event	6th International Conference on Advances in Mobile Computing and Multimedia, MoMM2008 - Linz, Austria Duration: 24 Nov 2008 → 26 Nov 2008

Publication series

Name	MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia

Conference

Conference	6th International Conference on Advances in Mobile Computing and Multimedia, MoMM2008
Country/Territory	Austria
City	Linz
Period	24/11/08 → 26/11/08

Keywords

Attacks on security protocols
Formal analysis of security protocols
Model checking
Parallel session attack

Access to Document

10.1145/1497185.1497218

Cite this

Paşca, V., Dojen, R., Jurcut, A., & Coffey, T. (2008). Determining a parallel session attack on a key distribution protocol using a model checker. In MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia (pp. 150-155). (MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia). https://doi.org/10.1145/1497185.1497218

@inproceedings{a9f5ef4dbe954b21965fb7b3165ec832,

title = "Determining a parallel session attack on a key distribution protocol using a model checker",

abstract = "The use of security protocols to protect sensitive information is critical. However, flaws in the design of security protocols can make them ineffective. This paper discusses various attacks against security protocols that exploit weaknesses in their design and a key-distribution protocol is analysed using a model checker. The analysis reveals weaknesses in the protocol, which can be exploited in a parallel session attack that allows an attacker to impersonate a legitimate principal. Correction to the protocol are proposed and a formal analysis of the fix is presented. The results of this analysis provide confidence in the correctness and effectiveness of the proposed corrected protocol. Copyright ACM 2008.",

keywords = "Attacks on security protocols, Formal analysis of security protocols, Model checking, Parallel session attack",

author = "Vladimir Pa{\c s}ca and Reiner Dojen and Anca Jurcut and Tom Coffey",

year = "2008",

doi = "10.1145/1497185.1497218",

language = "English",

isbn = "9781605582696",

series = "MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia",

pages = "150--155",

booktitle = "MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia",

note = "6th International Conference on Advances in Mobile Computing and Multimedia, MoMM2008 ; Conference date: 24-11-2008 Through 26-11-2008",

}

Paşca, V, Dojen, R, Jurcut, A & Coffey, T 2008, Determining a parallel session attack on a key distribution protocol using a model checker. in MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia. MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia, pp. 150-155, 6th International Conference on Advances in Mobile Computing and Multimedia, MoMM2008, Linz, Austria, 24/11/08. https://doi.org/10.1145/1497185.1497218

Determining a parallel session attack on a key distribution protocol using a model checker. / Paşca, Vladimir; Dojen, Reiner; Jurcut, Anca et al.
MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia. 2008. p. 150-155 (MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Determining a parallel session attack on a key distribution protocol using a model checker

AU - Paşca, Vladimir

AU - Dojen, Reiner

AU - Jurcut, Anca

AU - Coffey, Tom

PY - 2008

Y1 - 2008

N2 - The use of security protocols to protect sensitive information is critical. However, flaws in the design of security protocols can make them ineffective. This paper discusses various attacks against security protocols that exploit weaknesses in their design and a key-distribution protocol is analysed using a model checker. The analysis reveals weaknesses in the protocol, which can be exploited in a parallel session attack that allows an attacker to impersonate a legitimate principal. Correction to the protocol are proposed and a formal analysis of the fix is presented. The results of this analysis provide confidence in the correctness and effectiveness of the proposed corrected protocol. Copyright ACM 2008.

AB - The use of security protocols to protect sensitive information is critical. However, flaws in the design of security protocols can make them ineffective. This paper discusses various attacks against security protocols that exploit weaknesses in their design and a key-distribution protocol is analysed using a model checker. The analysis reveals weaknesses in the protocol, which can be exploited in a parallel session attack that allows an attacker to impersonate a legitimate principal. Correction to the protocol are proposed and a formal analysis of the fix is presented. The results of this analysis provide confidence in the correctness and effectiveness of the proposed corrected protocol. Copyright ACM 2008.

KW - Attacks on security protocols

KW - Formal analysis of security protocols

KW - Model checking

KW - Parallel session attack

UR - http://www.scopus.com/inward/record.url?scp=70349318079&partnerID=8YFLogxK

U2 - 10.1145/1497185.1497218

DO - 10.1145/1497185.1497218

M3 - Conference contribution

AN - SCOPUS:70349318079

SN - 9781605582696

T3 - MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia

SP - 150

EP - 155

BT - MoMM2008 - The 6th International Conference on Advances in Mobile Computing and Multimedia

T2 - 6th International Conference on Advances in Mobile Computing and Multimedia, MoMM2008

Y2 - 24 November 2008 through 26 November 2008

ER -

Determining a parallel session attack on a key distribution protocol using a model checker

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this