Abstract
When designing and implementing cryptographic protocols one must avoid a number of possible flaws. In this paper we classify possible flaws, according to the flaw pathology and the corresponding attack method, into elementary protocol flaws, password/key guessing flaws, stale message flaws, parallel session flaws, internal protocol flaws, and cryptosystem flaws. We then outline and comment on different attack-construction and inference-based formal methods, protocol analysis tools, and process integration techniques, and on their effectiveness in aiding the cryptographic protocol design process by discovering protocol flaws with regard to the proposed taxonomy.
© 1997 Springer-Verlag London Limited
Gritzalis, S., Spinellis, D. (1997). Cryptographic Protocols over Open Distributed Systems: A Taxonomy of Flaws and related Protocol Analysis Tools. In: Daniel, P. (eds) Safe Comp 97. Springer, London. https://doi.org/10.1007/978-1-4471-0997-6_10
DOI: https://doi.org/10.1007/978-1-4471-0997-6_10
Publisher Name: Springer, London
Print ISBN: 978-3-540-76191-4
Online ISBN: 978-1-4471-0997-6