Verifying Authentication Protocol Implementations
نویسنده
چکیده
Formal methods for verifying authentication protocols tend to assume an idealised perfect form of encryption This approach has been spec tacularly successful in nding aws but when we aim for proofs of cor rectness then we need to consider this assumption more carefully and perhaps to weaken it to re ect properties of real cryptographic mech anisms This paper reviews the existing CSP approach to verifying protocols and considers how algebraic properties of real cryptographic mechanisms can be incorporated within a rank function veri cation The approach is illustrated with an authentication protocol which makes use of exclusive or
منابع مشابه
Crypto-Verifying Protocol Implementations in ML
We intend to narrow the gap between concrete implementations and verified models of cryptographic protocols. We consider protocols implemented in F#, a variant of ML, and verified using CryptoVerif, Blanchet’s protocol verifier for computational cryptography. We experiment with compilers from F# code to CryptoVerif processes, and from CryptoVerif declarations to F# code. We present two case stu...
متن کاملDHCPAuth - A DHCP message authentication module
DHCP is one of the most used network protocols, despite the security issues it has. Our work is motivated by the numerous attacks that can be launched against DHCP and the impact that they can have. Firstly, we formulate the constraints and design principles for a DHCP message authentication module that is flexible and easy to integrate with current DHCP implementations, while providing the nec...
متن کاملAUTHSCAN: Automatic Extraction of Web Authentication Protocols from Implementations
Ideally, security protocol implementations should be formally verified before they are deployed. However, this is not true in practice. Numerous high-profile vulnerabilities have been found in web authentication protocol implementations, especially in single-sign on (SSO) protocols implementations recently. Much of the prior work on authentication protocol verification has focused on theoretica...
متن کاملA TESLA-based mutual authentication protocol for GSM networks
The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against m...
متن کاملManual for Slede Annotation Language
Verifying sensor network security protocol implementations using testing/simulation might leave some flaws undetected. Formal verification techniques have been very successful in detecting faults in security protocol specifications; however, they generally require building a formal description (model) of the protocol. Building accurate models is hard, thus hindering the application of formal ve...
متن کامل