Challenges in Protocol Design and Analysis

  • Dieter Gollmann


The clarification of protocol goals and of the assumptions made about the environment protocols are intended for is an important but sometimes underestimated step in protocol design and analysis. Implicit assumptions about the environment can profoundly influence our understanding of security and may mislead us when faced with new challenges. Five case studies will support these claims. Research on novel security properties and on the influence of assumptions about the environment are proposed as major challenges in protocol design and analysis.


Protocol analysis authentication key establishment 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [Abadi and Needham, 1994]
    Abadi, Martin and Needham, Roger (1994). Prudent engineering practice for cryptographic protocols. In Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pages 122–136.Google Scholar
  2. [Aura et al., 2002]
    Aura, Tuomas, Roe, Michael, and Arkko, Jari (2002). Security of Internet location management. In Proceedings of the 18th Annual Computer Security Applications Conference, pages 78–87.Google Scholar
  3. [Bird et al., 1992]
    Bird, Ray, Gopal, Inder, Herzberg, Amir, Janson, Phil, Kutten, Shay, Molva, Refik, and Yung, Moti (1992). Systematic design of two-party authentication protocols. In Feigenbaum, J., editor, Advances in Cryptology — CRYPTO'91, LNCS 576, pages 44–61. Springer Verlag.Google Scholar
  4. [Bond and Anderson, 2001]
    Bond, Mike and Anderson, Ross (2001). API-level attacks on embedded systems. IEEE Computer, 34(10):67–75.Google Scholar
  5. [Burrows et al., 1990]
    Burrows, Michael, Abadi, Martín, and Needham, Roger (1990). A logic of authentication. DEC Systems Research Center, Report 39.Google Scholar
  6. [Dolev and Yao, 1983]
    Dolev, Danny and Yao, Andrew C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198–208.MathSciNetCrossRefGoogle Scholar
  7. [Ellison et al., 1999]
    Ellison, Carl M., Frantz, Bill, Lampson, Butler, Rivest, Ron, Thomas, Brian M., and Ylonen, Tatu (1999). SPKI Certificate Theory. RFC 2693.Google Scholar
  8. [Gollmann, 1996]
    Gollmann, Dieter (1996). What do we mean by entity authentication? In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 46–54.Google Scholar
  9. [Gollmann, 2003a]
    Gollmann, Dieter (2003a). Analysing security protocols. In Abdallah, A. E., Ryan, P., and Schneider, S., editors, Formal Aspects of Security, LNCS 2629, pages 71–80. Springer Verlag.Google Scholar
  10. [Gollmann, 2003b]
    Gollmann, Dieter (2003b). Authentication by correspondence. IEEE Journal on Selected Areas in Communications, 21(1):88–95.CrossRefGoogle Scholar
  11. [Gong, 1999]
    Gong, Li (1999). Inside Java 2 Platform Security. Addison-Wesley, Reading, MA.Google Scholar
  12. [La Macchia et al., 2002]
    La Macchia, Brian A., Lange, Sebastian, Lyons, Matthew, Martin, Rudi, and Price, Kevin T. (2002). .NET Framework Security. Addison-Wesley Professional, Boston, MA.Google Scholar
  13. [Lampson et al., 1992]
    Lampson, Butler, Abadi, Martín, Burrows, Michael, and Wobber, Edward (1992). Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265–310.CrossRefGoogle Scholar
  14. [Longley and Rigby, 1992]
    Longley, D. and Rigby, S. (1992). An automatic search for security flaws in key management schemes. Computers & Security, 11(1):75–89.CrossRefGoogle Scholar
  15. [Lowe, 1995]
    Lowe, Gavin (1995). An attack on the Needham-Schroeder public-key authentication protocol. Information Processing Letters, 56(3):131–133.zbMATHCrossRefGoogle Scholar
  16. [Lowe, 1996]
    Lowe, Gavin (1996). Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In T. Margaria, B. Steffen, editor, Proceedings of TACAS, LNCS 1055, pages 147–166. Springer Verlag.Google Scholar
  17. [Mäki and Aura, 2002]
    Mäki, Silja and Aura, Tuomas (2002). Towards a survivable security architecture for ad-hoc networks. In et al., B. Christiansen, editor, Security Protocols, 9th International Workshop, Cambridge, LNCS 2467, pages 63–73. Springer Verlag.Google Scholar
  18. [Menezes et al., 1997]
    Menezes, Alfred J., van Oorschot, Paul C., and Vanstone, Scott A. (1997). Handbook of Applied Cryptography. CRC Press, Boca Raton, FA.Google Scholar
  19. [Mitchell and Pagliusi, 2003]
    Mitchell, Christopher J. and Pagliusi, Paolo S. (2003). Is entity authentication necessary? In et al., B. Christiansen, editor, Security Protocols, 10th International Workshop, Cambridge, LNCS 2845, pages 20–33. Springer Verlag.Google Scholar
  20. [Needham, 2000]
    Needham, Roger (2000). Keynote address: The changing environment (transcript of discussion). In et al., B. Christiansen, editor, Security Protocols, 7th International Workshop, Cambridge, LNCS 1796, pages 1–5. Springer Verlag.Google Scholar
  21. [Needham and Schroeder, 1978]
    Needham, Roger M. and Schroeder, Michael D. (1978). Using encryption for authentication in large networks of computers. Communications of the ACM, 21:993–999.CrossRefGoogle Scholar
  22. [Ryan et al., 2001]
    Ryan, Peter, Schneider, Steve, Goldsmith, Michael, Lowe, Gavin, and Roscoe, Bill (2001). Modelling and Analysis of Security Protocols. Addison-Wesley, Harlow, England.Google Scholar
  23. [Schneider, 1996]
    Schneider, Steve (1996). Security properties and CSP. In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 174–187.Google Scholar
  24. [Schneider, 1998]
    Schneider, Steve (1998). Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering, 24(9):741–758.CrossRefGoogle Scholar
  25. [Vogt, 2003]
    Vogt, Harald (2003). Integrity preservation for communication in sensor networks. private communications.Google Scholar

Copyright information

© Springer Science+Business Media, Inc. 2005

Authors and Affiliations

  • Dieter Gollmann
    • 1
  1. 1.TU Hamburg-HarburgGermany

Personalised recommendations