Journal Article10.1109/32.637148
Using CSP to detect errors in the TMN protocol
Gavin Lowe,Bill Roscoe +1 more
183
TL;DR: Tatebayashi et al. as discussed by the authors used FDR (Failures Divergence Refinement), a model checker for CSP, to detect errors in the TMN protocol and found a total of 10 different attacks leading to breaches of security.
read more
Abstract: We use FDR (Failures Divergence Refinement), a model checker for CSP, to detect errors in the TMN protocol (M. Tatebayashi et al., 1990). We model the protocol and a very general intruder as CSP processes, and use the model checker to test whether the intruder can successfully attack the protocol. We consider three variants on the protocol, and discover a total of 10 different attacks leading to breaches of security.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Constraints and approaches for distributed sensor network security
David W. Carman,Peter S. Kruus,Brian J. Matt +2 more
- 01 Jan 2000
TL;DR: This document describes the sensor network constraints and key management approaches research for FY 2000, and examines both existing and NAI Labs-developed keying protocols for their suitability at satisfying identified requirements while overcoming battlefield energy constraints.
•Book
The modelling and analysis of security protocols: the csp approach
Peter Y. A. Ryan,Steve Schneider +1 more
- 21 Dec 2000
TL;DR: This book provides a thorough and detailed understanding of one of the most effective approaches to the design and evaluation of security critical systems, describing the role of security protocols in distributed secure systems and the vulnerabilities to which they are prey.
Classification of Security Properties (Part I: Information Flow)
Riccardo Focardi,Roberto Gorrieri +1 more
- 01 Sep 2000
TL;DR: In this paper, many non-interference-like properties proposed for computer security are classified and compared in a unifying framework and the resulting taxonomy is evaluated through some case studies of access control in computer systems.
Towards a completeness result for model checking of security protocols
Gavin Lowe
- 09 Jun 1998
TL;DR: The author presents sufficient conditions on the protocol and its environment such that if there is no attack upon a particular small system leading to a breach of secrecy (using a fairly strong definition of secrecy), then there will be no attack on any larger system lead to a breaches of secrecy.
185
Abstracting Cryptographic Protocols with Tree Automata
David Monniaux,David Monniaux +1 more
- 22 Sep 1999
TL;DR: This work proposes a new, abstract interpretation based, approach, using regular tree languages to analyze cryptographic protocols, and the abstraction used seems fine-grained enough to be able to certify some protocols.
References
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Breaking and Fixing the Needham−Schroeder Public−Key Protocol Using FDR
Gavin Lowe
- 01 Jan 1996
TL;DR: This paper uses FDR, a refinement checker for CSP to discover an attack upon the Needham-Schroeder Public-Key Protocol, which allows an intruder to impersonate another agent, and adapt the protocol, and uses FDR to show that the new protocol is secure, at least for a small system.
1.3K
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
Gavin Lowe
- 27 Mar 1996
TL;DR: In this article, the authors analyse the Needham-Schroeder Public-Key Protocol using FDR, a refinement checker for CSP, and discover an attack upon the protocol, which allows an intruder to impersonate another agent.
A hierarchy of authentication specifications
Gavin Lowe
- 10 Jun 1997
TL;DR: It is suggested that the appropriate authentication requirement will depend upon the use to which the protocol is put, and the model checker FDR can be used to test whether a system running the protocol meets such a specification.
757