Advertisement

Attack Interference: A Path to Defending Security Protocols

  • Maria-Camilla Fiazza
  • Michele Peroli
  • Luca Viganò
Part of the Communications in Computer and Information Science book series (CCIS, volume 314)

Abstract

Traditionally security protocol analysis relies on a single Dolev-Yao attacker. This type of attacker is so powerful that overall attack power does not change if additional attackers cooperate. In this paper, we take a fundamentally different approach and investigate the case of multiple non-collaborating attackers. We show how non-collaboration between attackers gives rise to interference between ongoing attacks and that it is possible to actively exploit attack interference to mitigate security breaches and provide partial protection to weak protocols.

Keywords

Security Protocol Intended Receiver Network Dataset Honest Agent Attack Power 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Arsac, W., Bella, G., Chantry, X., Compagna, L.: Validating Security Protocols under the General Attacker. In: Degano, P., Viganò, L. (eds.) ARSPA-WITS 2009. LNCS, vol. 5511, pp. 34–51. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  2. 2.
    Arsac, W., Bella, G., Chantry, X., Compagna, L.: Multi-attacker protocol validation. Journal of Automated Reasoning 46(3), 353–388 (2011)MathSciNetzbMATHCrossRefGoogle Scholar
  3. 3.
    Basin, D., Caleiro, C., Ramos, J., Viganò, L.: Distributed temporal logic for the analysis of security protocol models. Theoretical Computer Science 412(31), 4007–4043 (2011)MathSciNetzbMATHCrossRefGoogle Scholar
  4. 4.
    Basin, D., Capkun, S., Schaller, P., Schmidt, B.: Let’s Get Physical: Models and Methods for Real-World Security Protocols. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 1–22. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Bella, G., Bistarelli, S., Massacci, F.: A Protocol’s Life After Attacks.. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2003. LNCS, vol. 3364, pp. 3–10. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Bella, G., Bistarelli, S., Massacci, F.: Retaliation against protocol attacks. Journal of Information Assurance and Security 3, 313–325 (2008)Google Scholar
  7. 7.
    Boyd, C., Mathuria, A.: Protocols for Authentication and Key Establishment. Springer (2003)Google Scholar
  8. 8.
    Caleiro, C., Viganò, L., Basin, D.: Metareasoning about security protocols using distributed temporal logic. Electronic Notes in Theoretical Computer Science 125(1), 67–89 (2005)CrossRefGoogle Scholar
  9. 9.
    Caleiro, C., Viganò, L., Basin, D.: On the Semantics of Alice & Bob Specifications of Security Protocols. Theoretical Computer Science 367(1-2), 88–122 (2006)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Comon-Lundh, H., Cortier, V.: Security Properties: Two Agents Are Sufficient. In: Degano, P. (ed.) ESOP 2003. LNCS, vol. 2618, pp. 99–113. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  11. 11.
    Dilloway, C., Lowe, G.: On the specification of secure channels. In: Proceedings of WITS 2007 (2007)Google Scholar
  12. 12.
    Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inform. Theory 29(2), 198–208 (1983)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Fiazza, M.-C., Peroli, M., Viganò, L.: Attack Interference in Non-Collaborative Scenarios for Security Protocol Analysis. In: Proceedings of SECRYPT 2011, pp. 144–156. SciTePress (2011)Google Scholar
  14. 14.
    Kamil, A., Lowe, G.: Specifying and Modelling Secure Channels in Strand Spaces. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 233–247. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  15. 15.
    Millen, J.K., Denker, G.: Capsl and mucapsl. Journal of Telecommunications and Information Technology 4, 16–27 (2002)Google Scholar
  16. 16.
    Mödersheim, S., Viganò, L., Basin, D.A.: Constraint differentiation: Search-space reduction for the constraint-based analysis of security protocols. Journal of Computer Security 18(4), 575–618 (2010)Google Scholar
  17. 17.
    Schaller, P., Schmidt, B., Basin, D., Capkun, S.: Modeling and verifying physical properties of security protocols for wireless networks. In: Proceedings of CSF, vol. 22. IEEE Computer Society (2009)Google Scholar
  18. 18.
    Syverson, P., Meadows, C., Cervesato, I.: Dolev-Yao is no better than Machiavelli. In: Proceedings of WITS 2000, pp. 87–92 (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Maria-Camilla Fiazza
    • 1
  • Michele Peroli
    • 1
  • Luca Viganò
    • 1
  1. 1.Department of Computer ScienceUniversity of VeronaVeronaItaly

Personalised recommendations