Static validation of security protocols
نویسندگان
چکیده
We methodically expand protocol narrations into terms of a process algebra in order to specify some of the checks that need to be made in a protocol. We then apply static analysis technology to develop an automatic validation procedure for protocols. Finally, we demonstrate that these techniques suffice to identify several authentication flaws in symmetric and asymmetric key protocols such as Needham-Schroeder symmetric key, Otway-Rees, Yahalom, Andrew Secure RPC, Needham-Schroeder asymmetric key, and Beller-Chang-Yacobi MSR.
منابع مشابه
Introducing ASPECT – a tool for checking protocol security
security protocols, software tools, strand spaces, formal methods We have developed an efficient proof-of-concept prototype tool for security protocol validation called ASPECT. This prototype is designed to demonstrate the feasibility of our approach to security protocol checking and validation. Our approach can be characterised in terms of “flaw-detection for security protocols”, much in the s...
متن کاملAnalyzing Security Protocols in Hierarchical Networks
Validating security protocols is a well-known hard problem even in a simple setting of a single global network. But a real network often consists of, besides the public-accessed part, several sub-networks and thereby forms a hierarchical structure. In this paper we first present a process calculus capturing the characteristics of hierarchical networks and describe the behavior of protocols on s...
متن کاملStatic Validation of a Voting Protocol
The desired security properties of electronic voting protocols include verifiability, accuracy, democracy and fairness. In this paper we use a static program analysis tool to validate these properties for one of the classical voting protocols under appropriate assumptions. The protocol is formalised in an extension of the LYSA process calculus with blinding signatures. The analysis, which is fu...
متن کاملAnalysis of the PKMv2 Protocol in IEEE 802.16e-2005 Using Static Analysis
The IEEE 802.16e-2005 specification provides an air interface standard for metropolitan area wireless broadband service. IEEE 802.16 is the basis for Worldwide Interoperability for Microwave Access (WiMAX) certification which is the next evolution in wireless technology. The latest version of the standard, the IEEE 802.16e addresses mobility and also enhances the security sublayer of the IEEE 8...
متن کاملComputer Security from a Programming Language and Static Analysis Perspective
Computer security [16,5] is usually defined as ensuring integrity, confidentiality, and availability requirements even in the presence of a determined, malicious opponent. Sensitive data must be modified and consulted by authorized users only (integrity, confidentiality); moreover, the system should resist “denial of service” attacks that attempt to render it unusable (availability). In more co...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Journal of Computer Security
دوره 13 شماره
صفحات -
تاریخ انتشار 2005