TY - GEN
T1 - Establishing and fixing a freshness flaw in a key-distribution and authentication protocol
AU - Dojen, Reiner
AU - Lasc, Ioana
AU - Coffey, Tom
PY - 2008
Y1 - 2008
N2 - The security of electronic networks and information systems is nowadays seen as a critical issue for the growth of Information and Communication Technologies. Cryptographic protocols are used to provide security services such as confidentiality, message integrity, authentication, certified E-mail and non-repudiation. Traditionally, security protocols have been designed and verified using informal techniques. However, the absence of formal verification can lead to security errors remaining undetected. Formal verification techniques provide a systematic way of discovering protocol flaws. This paper establishes a freshness flaw in a keydistribution and Authentication Protocol using an automated logic-based verification engine. The performed verification reveals a freshness flaw in the protocol that allows an intruder to impersonate legitimate principals. The cause of the freshness flaw is discussed and an amended protocol is proposed. Formal verification of the amended protocol provides confidence in the correctness and effectiveness of the proposed modifications.
AB - The security of electronic networks and information systems is nowadays seen as a critical issue for the growth of Information and Communication Technologies. Cryptographic protocols are used to provide security services such as confidentiality, message integrity, authentication, certified E-mail and non-repudiation. Traditionally, security protocols have been designed and verified using informal techniques. However, the absence of formal verification can lead to security errors remaining undetected. Formal verification techniques provide a systematic way of discovering protocol flaws. This paper establishes a freshness flaw in a keydistribution and Authentication Protocol using an automated logic-based verification engine. The performed verification reveals a freshness flaw in the protocol that allows an intruder to impersonate legitimate principals. The cause of the freshness flaw is discussed and an amended protocol is proposed. Formal verification of the amended protocol provides confidence in the correctness and effectiveness of the proposed modifications.
UR - http://www.scopus.com/inward/record.url?scp=67650246048&partnerID=8YFLogxK
U2 - 10.1109/ICCP.2008.4648371
DO - 10.1109/ICCP.2008.4648371
M3 - Conference contribution
AN - SCOPUS:67650246048
SN - 9781424426737
T3 - Proceedings - 2008 IEEE 4th International Conference on Intelligent Computer Communication and Processing, ICCP 2008
SP - 185
EP - 192
BT - Proceedings - 2008 IEEE 4th International Conference on Intelligent Computer Communication and Processing, ICCP 2008
T2 - 2008 IEEE 4th International Conference on Intelligent Computer Communication and Processing, ICCP 2008
Y2 - 28 August 2008 through 30 August 2008
ER -