Authentication tests and disjoint encryption: A design method for security protocols

نویسنده

  • Joshua D. Guttman
چکیده

We describe a protocol design process, and illustrate its use by creating atspect, an Authentication Test-based Secure Protocol for Electronic Commerce Transactions. The design process is organized around the authentication tests, a method for protocol verification based on the strand space theory. The authentication tests dictate how randomly generated values such as nonces may be combined with encryption to achieve authentication and freshness. atspect offers functionality and security guarantees akin to the purchase request, payment authorization, and payment capture phases of set, the secure electronic transaction standard created by the major credit card firms.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

HMAC-Based Authentication Protocol: Attacks and Improvements

As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...

متن کامل

A Mutual Authentication Method for Internet of Things

Today, we are witnessing the expansion of various Internet of Things (IoT) applications and services such as surveillance and health. These services are delivered to users via smart devices anywhere and anytime. Forecasts show that the IoT, which is controlled online in the user environment, will reach 25 billion devices worldwide by 2020. Data security is one of the main concerns in the IoT. ...

متن کامل

Process algebraic modeling of authentication protocols for analysis of parallel multi-session executions

Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...

متن کامل

Cryptographic Protocol Composition via the Authentication Tests

Although cryptographic protocols are typically analyzed in isolation, they are used in combinations. If a protocol Π1, when analyzed alone, was shown to meet some security goals, will it still meet those goals when executed together with a second protocol Π2? Not necessarily: for every Π1, some Π2s undermine its goals. We use the strand space “authentication test” principles to suggest a criter...

متن کامل

Security Protocol Design: A Case Study Using Key Distribution Protocols

Nowadays security protocols are a key component in providing security services for fixed and mobile networks. These services include data confidentiality, radio link encryption, message integrity, mobile subscriber authentication, electronic payment, certified e-mail, contract signing and nonrepudiation. This paper is concerned with design of effective security protocols. Security protocols are...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Journal of Computer Security

دوره 12  شماره 

صفحات  -

تاریخ انتشار 2004