Specifying Authentication Protocols Using ELAN
نویسنده
چکیده
The Needham-Schroeder public-key protocol [NS78] has been already analyzed using several methodologies from model-checkers like FDR [Ros94] to approaches based on theorem proving like NRL [Mea96]. Although this protocol is simple it has been proved insecure only in 1995 by G. Lowe [Low95]. After the discover of the security problem and the correctness proof of a modified version in [Low96] several other approaches have been used in order to discover the attack and obtain correct versions like [Mea96, Mon99, Den98]. The protocol is described by defining the messages exchanged between the participants. Each agent sends a message and goes into a new state in which it possibly expects a confirmation message. We can thus say that the protocol consists in the sequence of states describing the agents and the communication network. Therefore it seems natural to use rewrite rules in order to describe the transition from one state to another and strategies in order to describe the way these rules are applied. In order to describe a computational version of a certain logic we use computational systems that can express the proof calculus of the given logic. A computational system ([KKV95]) is a combination of a rewrite theory and a strategy describing the intended set of computations. These ideas are implemented in the language ELAN ([BKK98]) which allows to describe computational systems. In our approach the whole formalization is done as the same level: the state transitions of the agents and of the intruder as well as the invariants the protocol should satisfy are described by ELAN rewrite rules. Furthermore, by making the formalization executable we allow either to directly use the specification for analyzing the protocol or to replay attacks or scenarios proposed by a third party.
منابع مشابه
Specifying Authentication Protocols Using Rewriting and Strategies
Programming with rewrite rules and strategies has been already used for describing several computational logics. This paper describes the way the Needham-Schroeder Public-Key protocol is specified in ELAN, the system developed in Nancy to model and compute in the rewriting calculus. The protocol aims to establish a mutual authentication between an initiator and a responder that communicate via ...
متن کاملProcess algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
متن کاملHMAC-Based Authentication Protocol: Attacks and Improvements
As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...
متن کاملGSLHA: Group-based Secure Lightweight Handover Authentication Protocol for M2M Communication
Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the most fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication, is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, v...
متن کاملEnhancing privacy of recent authentication schemes for low-cost RFID systems
Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we a...
متن کامل