Proceedings Article10.1109/CSAC.1993.315453
Using logics to detect implementation-dependent flaws [cryptographic protocol design]
U. Carlsen
- 06 Dec 1993
- pp 64-73
12
TL;DR: The epistemic logic CKT5 is modified and shown to operate at a sufficiently detailed bevel to capture implementation-dependent flaws.
read more
Abstract: Vulnerabilities may be introduced at all stages of cryptographic protocol design. Reasoning about a protocol at a functional level does not unveil flaws which are inherently implementation-dependent. This paper uncovers a potential implementation-dependent flaw in a previously published protocol. Formal techniques should be able to analyse protocols with respect to such flaws. The epistemic logic CKT5 is modified and shown to operate at a sufficiently detailed bevel to capture implementation-dependent flaws. >
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
A taxonomy of replay attacks [cryptographic protocols]
Paul Syverson
- 14 Jun 1994
TL;DR: A taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination is presented, complete in the sense that any replay attack is composed entirely of elements classified by the taxonomy.
170
Optimal privacy and authentication on a portable communications system
TL;DR: Con Conversation set-up protocols for the responding party are discussed, a public key protocol providing end-to-end authentication and privacy is described, and relative as well as collective merits of the protocols are emphasised.
82
Cryptographic protocol flaws: know your enemy
U. Carlsen
- 14 Jun 1994
TL;DR: A classification of protocol flaws, including two new flaws in an application of the mental poker protocol, is provided, and appropriate countermeasures for relevant flaw-categories are discussed.
55
On key distribution protocols for repeated authentication
TL;DR: This paper sets out implementation assumptions required for the attacks to take place and implementation assumptions that preclude such an attack on NS, and looks at other protocols, including one that is not subject to this form of attack and has the same number of messages as NS.
46
Generating formal cryptographic protocol specifications
U. Carlsen
- 16 May 1994
TL;DR: This paper describes a tool which translates a cryptographic protocol specified in the semi-formal standard notation i.
41
References
A logic of authentication
Michael Burrows,Martín Abadi,Roger M. Needham +2 more
- 01 Nov 1989
TL;DR: This paper describes the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication, and gives the results of the analysis of four published protocols.
Using encryption for authentication in large networks of computers
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
A note on the use of timestamps as nonces
TL;DR: Kehne, Schonwalder, and Langendorfer have proposed a nonce-based protocol for multiple authentications that they claim improves upon the Kerberos protocol because it does not depend on the presence of synchronized clocks.
166
A critique of the Burrows, Abadi and Needham logic
TL;DR: A l'aide d' un exemple simple, l'existence d'un point faible significatif dans la logique proposee par Burrows, Abadi et Needham est montree.
157
Towards formal analysis of security protocols
Wenbo Mao,Colin Boyd +1 more
- 15 Jun 1993
TL;DR: The formalisation of the BAN logic is found to be desirable not only for its potential in providing rigorous analysis of security protocols, but also for its readiness for supporting a computer-aided fashion of analysis.
150
Related Papers (5)
L. Gong,Roger M. Needham,R. Yahalom +2 more
- 07 May 1990
Martín Abadi,Mark R. Tuttle +1 more
- 01 Jul 1991
U. Carlsen
- 14 Jun 1994