In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as n example of this...

In the new standards for WLAN security, many choices exist for the authentication process. In this paper, we list eight desired properties of WLAN authentication protocols, survey eight recent authentication protocols, and analyze the protocols according to the desired properties.

Authentication protocols are known to be error prone. In this paper we identify non-methodical use of decryption as a typical design feature which is found in many published authentication protocols and is responsible for various problems in these protocols. We reason that authentication protocols can be greatly strengthened by the methodical use of decryption.

Compound authentication protocols, such as EAP in IKEv2 or SASL over TLS, bind application-level authentication to a transport-level authenticated channel in order to obtain strong composite authentication under weak trust assumptions. Despite their wide deployment, these protocols remain poorly understood, leading to several credential forwarding man-in-themiddle attacks. We present formal mod...

Recently new protocols have been proposed in IETF for protecting remote client authentication protoocols by running them within a secure tunnel. Examples of such protocols are PIC, PEAP and EAP-TTLS. One goal of these new protocols is to enable the migration from legacy client authentication protocols to more secure protocols, e.g., from plain EAP type to, say, PEAP. In these protocols, the sec...

Both the size, and the interconnectivity of computer networks are increasing tremendously. However, the possibility of an attack compromising the network is also increasing, making network security critical. Strong authentication protocols are needed to restrict network access to only authorised users. Most existing protocols for authentication and network access are based on centralised authen...

In practice, users will rely on a wide variety of communication protocols to conduct their work over the Internet. This paper discusses the security rami cations of using multiple authentication protocols. We demonstrate multi-protocol attacks and how they can be realized to defeat otherwise secure authentication protocols. We highlight this discussion with examples of attacks on a proposed sym...