Cryptographic Protocols over Open Distributed Systems: A Taxonomy of Flaws and related Protocol Analysis Tools

  • Conference paper
Safe Comp 97

Abstract

When designing and implementing cryptographic protocols one must avoid a number of possible flaws. In this paper we classify possible flaws, based on the flaw pathology and the corresponding attack method, into elementary protocol flaws, password/key guessing flaws, stale message flaws, parallel session flaws, internal protocol flaws, and cryptosystem flaws. We then outline and comment on attack-construction and inference-based formal methods, protocol analysis tools, and process integration techniques, and on how effectively each aids the cryptographic protocol design process by discovering flaws in the categories of the proposed taxonomy.

Copyright information

© 1997 Springer-Verlag London Limited

Cite this paper

Gritzalis, S., Spinellis, D. (1997). Cryptographic Protocols over Open Distributed Systems: A Taxonomy of Flaws and related Protocol Analysis Tools. In: Daniel, P. (eds) Safe Comp 97. Springer, London. https://doi.org/10.1007/978-1-4471-0997-6_10

  • DOI: https://doi.org/10.1007/978-1-4471-0997-6_10

  • Publisher Name: Springer, London

  • Print ISBN: 978-3-540-76191-4

  • Online ISBN: 978-1-4471-0997-6