Abstract
Wireless communication demands for specialized protocols secure against attacks on the radio path while fitting the limited calculation and memory capabilities of mobile terminals. To ensure accessibility of mobile services beyond a user’s home network, signing on a foreign network should be possible. The latter must be able to authenticate a user without learning any secret registration data. Chouinard et al.[DBC01] introduce the Secure Authentication Protocol for this purpose.
In this paper, an exhaustive security analysis of the protocol is presented. First, it is mapped to a coloured petri net. Then, two different intruder models are developed and integrated separately into it. The state spaces of the two nets are calculated; they each contain a set of nodes representing all reachable states. Both are examined to detect states where any security objective is violated indicating a security flaw in the protocol. As there are no such states in both nets, the protocol is proven secure.
Chapter PDF
Similar content being viewed by others
Keywords
References
CPN Tools Homepage, http://wiki.daimi.au.dk/cpntools/cpntools.wiki
Dupré la Tour, I., van Bochmann, G., Chouinard J.-Y.: A Secure Authentication Infrastructure for Mobile Communication Services over the Internet. In: Proceedings IFIP Working Conference CMS 2001, pp. 405–416 (2001)
Dolev, D., Yao, A.: On the Security of Public Key Protocols. In: Proceedings IEEE Symposium on Foundations of Computer Science, pp. 350–357 (1981)
Dresp, W.: Computer-gestützte Analyse von kryptographischen Protokollen mittels gefärbter Petrinetze. Diploma Thesis, Department of Business Information Systems, University of Regensburg (2004)
Doyle, E., Tavares, S., Meijer, H.: Automated Security Analysis of Cryptographic Protocols Using Coloured Petri Net Specifications. In: Workshop on Selected Areas in Cryptography, SAC 1995 Workshop Record, pp. 35–48 (1995)
Doyle, E., Tavares, S., Meijer, H.: Computer Analysis of Cryptographic Protocols Using Coloured Petri Nets. In: 18th Biennial Symposium on Communication, Kingston, Ontario, pp. 194–199 (1996)
Jensen, K.: Coloured Petri nets. Basic concepts, analysis methods and practical use. Monographs in Theoretical Computer Science, vol. 1. Springer, Heidelberg (1992)
Valmari, A.: The State Explosion Problem. In: Reisig, W., Rozenberg, G. (eds.) APN 1998. LNCS, vol. 1491, pp. 429–528. Springer, Heidelberg (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 IFIP International Federation for Information Processing
About this paper
Cite this paper
Dresp, W. (2005). Security Analysis of the Secure Authentication Protocol by Means of Coloured Petri Nets. In: Dittmann, J., Katzenbeisser, S., Uhl, A. (eds) Communications and Multimedia Security. CMS 2005. Lecture Notes in Computer Science, vol 3677. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11552055_23
Download citation
DOI: https://doi.org/10.1007/11552055_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28791-9
Online ISBN: 978-3-540-31978-8
eBook Packages: Computer ScienceComputer Science (R0)