Security Analysis of Cryptographic Protocols Based on Trusted Freshness

  • Published : 2008.12.31

Abstract

A novel approach to protocol security analysis based on trusted freshness is presented. The idea has been implemented not only by hand but also by a belief multisets formalism for automation. The key to security analysis based on trusted freshness is a freshness principle: for each participant of a cryptographic protocol, the security of the protocol depends only on the sent or received one-way transformation of a message, which includes a trusted freshness. The manual security analysis method and the belief multisets formalism are both established on the basis of the freshness principle. Security analysis based on trusted freshness can efficiently distinguish whether a message is fresh or not, and the analysis results either suggest the correctness of a protocol convincingly or, from the absence of security properties, intuitively suggest how to construct attacks. Furthermore, security analysis based on trusted freshness is independent of the idealization of a protocol, the concrete formalization of attackers' possible behaviors, and the formalization of concurrent runs of protocols.
