Skip to main content
SpringerLink
Log in
Book cover

Advanced Multimedia and Ubiquitous Engineering pp 263–270Cite as

Predicting New Attacks: A Case Study in Security Analysis of Cryptographic Protocols

  • Conference paper
  • First Online:

  • 1061 Accesses

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 393))

Abstract

Knowledge about attacks is a necessary foundation for security analysis of information systems or cryptographic protocols. Current security verification methods for improving the security of target systems or the soundness of cryptographic protocols has limitations because they are all based on the assumptions from known attacks, while the attackers are trying every possible attacks against the information systems. Once a new-style attack was found by adversaries earlier, it would bring severe loss to the target systems. Therefore, it is essential to understand and take measures against new attacks previously. A new method has been proposed for predicting new attacks, but it lacks experimental results to prove its effectiveness. This paper confirms the effectiveness of the proposed method by a rediscovery experiment that shows several known attacks on cryptographic protocols rediscovered successfully. The paper also shows issues of the approach for predicting new attacks.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Abadi M, Fournet C (2001) Mobile values, new names and secure communication. In: Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on principles of programming languages, pp 104–115, ACM

    Google Scholar 

  2. Anderson RJ, Needham RM (1995) Programming Satan’s computer. In: van Leeuwen J (ed) Computer science today: recent trends and developments. LNCS, vol 1000. Springer, Heidelberg, pp 426–440

    Google Scholar 

  3. Bao D, Goto Y, Cheng J (2014) Predicting new attacks for information security. In: Park JJ et al. (eds) Computer science and its applications, ubiquitous information technologies. LNEE, vol 330. Springer, Heidelberg, pp 1353–1358


    Google Scholar 

  4. Bau J, Mitchell J (2011) Security modeling and analysis. IEEE Secur Priv 9(3):18–25

    Article  Google Scholar 

  5. Boyd C, Mao W (1994) On a limitation of BAN logic. In: Helleseth T (ed) EUROCRYPT 1993. LNCS, vol 765. Springer, Heidelberg, pp 465–474

    Google Scholar 

  6. Boyd C, Mathuria A (2003) Protocols for authentication and key establishment. Springer, Heidelberg


    Google Scholar 

  7. Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8(1):18–36

    Google Scholar 

  8. Cheng J (2006) Strong relevant logic as the universal basis of various applied logics for knowledge representation and reasoning. In: Kiyoki Y, Henno J, Jaakkola H, Kangassalo H (eds) Information modelling and knowledge bases XVII. Frontiers in artificial intelligence and applications, vol 136. IOS Press, Amsterdam, pp 310–320

    Google Scholar 

  9. Cheng J (2014) New challenges in future software engineering. In: Park JJ, Pan Y, Kim C, Yan Y (eds) Future information technology, FutureTech 2014. LNEE, vol 309. Springer, Berlin, pp 31–36

    Google Scholar 

  10. Cheng J, Miura J (2006) Deontic relevant logic as the logical basis for specifying, verifying, and reasoning about information security and information assurance. In: Proceedings of 1st international conference on availability, reliability and security, IEEE Computer Society, pp 601–608

    Google Scholar 

  11. Cheng J, Nara S, Goto Y (2007) FreeEnCal: a forward reasoning engine with general-purpose. In: Knowledge-based intelligent information and engineering systems, LNAI, vol 4693. Springer, Berlin, pp 444–452

    Google Scholar 

  12. Clark J, Jacob J (1996) Attacking authentication protocols. High Integr Syst 1(5):465–473

    Google Scholar 

  13. Dolev D, Yao A (1983) On the security of public-key protocols. IEEE Trans Inf Theory 29:198–208

    Google Scholar 

  14. Otway D, Rees O (1987) Efficient and timely mutual authentication. Oper Syst Rev 21(1):8–10

    Article  Google Scholar 

  15. Wagatsuma K, Goto Y, Cheng J (2015) A formal analysis method with reasoning for key exchange protocols. J Inf Process Soc Jpn 56(3):903–910 (in Japanese)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information and Computer Sciences, Saitama University, Saitama, Japan

    Da Bao, Kazunori Wagatsuma, Hongbiao Gao & Jingde Cheng

Authors
  1. Da Bao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kazunori Wagatsuma
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hongbiao Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jingde Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jingde Cheng .

Editor information

Editors and Affiliations

  1. Computer Science and Engg., Seoul National Uni. of Sci. & Techn. Computer Science and Engg., Seoul, Korea (Republic of)

    James J. (Jong Hyuk) Park

  2. School of Comp. Science and Technology, Huazhong Univ. of Science and Technology School of Comp. Science and Technology, Wuhan, China

    Hai Jin

  3. Dept. of Multimedia Eng., Dongguk University Dept. of Multimedia Eng., Seoul, Korea (Republic of)

    Young-Sik Jeong

  4. College of Computer & Information Sci, King Saud University College of Computer & Information Sci, Riyadh, Saudi Arabia

    Muhammad Khurram Khan

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer Science+Business Media Singapore

About this paper

Cite this paper

Bao, D., Wagatsuma, K., Gao, H., Cheng, J. (2016). Predicting New Attacks: A Case Study in Security Analysis of Cryptographic Protocols. In: Park, J., Jin, H., Jeong, YS., Khan, M. (eds) Advanced Multimedia and Ubiquitous Engineering. Lecture Notes in Electrical Engineering, vol 393. Springer, Singapore. https://doi.org/10.1007/978-981-10-1536-6_35

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-1536-6_35

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-1535-9

  • Online ISBN: 978-981-10-1536-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation