On establishing and fixing a parallel session attack in a security protocol

Reiner Dojen; Anca Jurcut; Tom Coffey; Cornelia Gyorodi

doi:10.1007/978-3-540-85257-5_24

On establishing and fixing a parallel session attack in a security protocol

Reiner Dojen, Anca Jurcut, Tom Coffey, Cornelia Gyorodi

Department of Electronics & Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Nowadays mobile and fixed networks are trusted with highly sensitive information, which must be protected by security protocols. However, security protocols are vulnerable to a host of subtle attacks, such as replay, parallel session and type-flaw attacks. Designing protocols to be impervious to these attacks has been proven to be extremely challenging and error prone. This paper discusses various attacks against security protocols. As an example, the security of the Wide-Mouthed Frog key distribution protocol when subjected to known attacks is discussed. Significantly, a hitherto unknown attack on Lowe's modified version of the Wide-Mouthed Frog protocol is presented. Finally, a correction for the protocol to prevent this attack is proposed and discussed.

Original language	English
Title of host publication	Intelligent Distributed Computing, Systems and Applications
Subtitle of host publication	Proceedings of the 2nd International Symposium on Intelligent Distributed Computing - IDC 2008, Catania, Italy, 2008
Publisher	Springer Verlag
Pages	239-244
Number of pages	6
ISBN (Print)	9783540852568
DOIs	https://doi.org/10.1007/978-3-540-85257-5_24
Publication status	Published - 2008

Publication series

Name	Studies in Computational Intelligence
Volume	162
ISSN (Print)	1860-949X

Keywords

Parallel session attack
Protocol flaws
Security protocols

Access to Document

10.1007/978-3-540-85257-5_24

Cite this

Dojen, R., Jurcut, A., Coffey, T., & Gyorodi, C. (2008). On establishing and fixing a parallel session attack in a security protocol. In Intelligent Distributed Computing, Systems and Applications: Proceedings of the 2nd International Symposium on Intelligent Distributed Computing - IDC 2008, Catania, Italy, 2008 (pp. 239-244). (Studies in Computational Intelligence; Vol. 162). Springer Verlag. https://doi.org/10.1007/978-3-540-85257-5_24

Dojen, Reiner ; Jurcut, Anca ; Coffey, Tom et al. / On establishing and fixing a parallel session attack in a security protocol. Intelligent Distributed Computing, Systems and Applications: Proceedings of the 2nd International Symposium on Intelligent Distributed Computing - IDC 2008, Catania, Italy, 2008. Springer Verlag, 2008. pp. 239-244 (Studies in Computational Intelligence).

@inproceedings{b6267fb3d68a438c9d4755ec8adb5b43,

title = "On establishing and fixing a parallel session attack in a security protocol",

abstract = "Nowadays mobile and fixed networks are trusted with highly sensitive information, which must be protected by security protocols. However, security protocols are vulnerable to a host of subtle attacks, such as replay, parallel session and type-flaw attacks. Designing protocols to be impervious to these attacks has been proven to be extremely challenging and error prone. This paper discusses various attacks against security protocols. As an example, the security of the Wide-Mouthed Frog key distribution protocol when subjected to known attacks is discussed. Significantly, a hitherto unknown attack on Lowe's modified version of the Wide-Mouthed Frog protocol is presented. Finally, a correction for the protocol to prevent this attack is proposed and discussed.",

keywords = "Parallel session attack, Protocol flaws, Security protocols",

author = "Reiner Dojen and Anca Jurcut and Tom Coffey and Cornelia Gyorodi",

year = "2008",

doi = "10.1007/978-3-540-85257-5_24",

language = "English",

isbn = "9783540852568",

series = "Studies in Computational Intelligence",

publisher = "Springer Verlag",

pages = "239--244",

booktitle = "Intelligent Distributed Computing, Systems and Applications",

}

Dojen, R, Jurcut, A, Coffey, T & Gyorodi, C 2008, On establishing and fixing a parallel session attack in a security protocol. in Intelligent Distributed Computing, Systems and Applications: Proceedings of the 2nd International Symposium on Intelligent Distributed Computing - IDC 2008, Catania, Italy, 2008. Studies in Computational Intelligence, vol. 162, Springer Verlag, pp. 239-244. https://doi.org/10.1007/978-3-540-85257-5_24

On establishing and fixing a parallel session attack in a security protocol. / Dojen, Reiner; Jurcut, Anca; Coffey, Tom et al.
Intelligent Distributed Computing, Systems and Applications: Proceedings of the 2nd International Symposium on Intelligent Distributed Computing - IDC 2008, Catania, Italy, 2008. Springer Verlag, 2008. p. 239-244 (Studies in Computational Intelligence; Vol. 162).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - On establishing and fixing a parallel session attack in a security protocol

AU - Dojen, Reiner

AU - Jurcut, Anca

AU - Coffey, Tom

AU - Gyorodi, Cornelia

PY - 2008

Y1 - 2008

N2 - Nowadays mobile and fixed networks are trusted with highly sensitive information, which must be protected by security protocols. However, security protocols are vulnerable to a host of subtle attacks, such as replay, parallel session and type-flaw attacks. Designing protocols to be impervious to these attacks has been proven to be extremely challenging and error prone. This paper discusses various attacks against security protocols. As an example, the security of the Wide-Mouthed Frog key distribution protocol when subjected to known attacks is discussed. Significantly, a hitherto unknown attack on Lowe's modified version of the Wide-Mouthed Frog protocol is presented. Finally, a correction for the protocol to prevent this attack is proposed and discussed.

AB - Nowadays mobile and fixed networks are trusted with highly sensitive information, which must be protected by security protocols. However, security protocols are vulnerable to a host of subtle attacks, such as replay, parallel session and type-flaw attacks. Designing protocols to be impervious to these attacks has been proven to be extremely challenging and error prone. This paper discusses various attacks against security protocols. As an example, the security of the Wide-Mouthed Frog key distribution protocol when subjected to known attacks is discussed. Significantly, a hitherto unknown attack on Lowe's modified version of the Wide-Mouthed Frog protocol is presented. Finally, a correction for the protocol to prevent this attack is proposed and discussed.

KW - Parallel session attack

KW - Protocol flaws

KW - Security protocols

UR - http://www.scopus.com/inward/record.url?scp=51849146179&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-85257-5_24

DO - 10.1007/978-3-540-85257-5_24

M3 - Conference contribution

AN - SCOPUS:51849146179

SN - 9783540852568

T3 - Studies in Computational Intelligence

SP - 239

EP - 244

BT - Intelligent Distributed Computing, Systems and Applications

PB - Springer Verlag

ER -

Dojen R, Jurcut A, Coffey T, Gyorodi C. On establishing and fixing a parallel session attack in a security protocol. In Intelligent Distributed Computing, Systems and Applications: Proceedings of the 2nd International Symposium on Intelligent Distributed Computing - IDC 2008, Catania, Italy, 2008. Springer Verlag. 2008. p. 239-244. (Studies in Computational Intelligence). doi: 10.1007/978-3-540-85257-5_24

On establishing and fixing a parallel session attack in a security protocol

Abstract

Publication series

Keywords

Access to Document

Other files and links

Fingerprint

Cite this