Article

Dynamic analysis of security protocols

Author:

Alec YasinsacAuthors Info & Claims

NSPW '00: Proceedings of the 2000 workshop on New security paradigms

Pages 77 - 87

https://doi.org/10.1145/366173.366194

Published: 20 February 2001 Publication History

Get Access

References

[1]

Martin Abadi and Mark R. Turtle, "A Semantics for a Logic of Authentication", Tenth Annual ACM Syrup on Princ of Dist Computing, Montreal, Canada, August, 1991]]

Digital Library

Google Scholar

[2]

Burrows, M., Abadi, M., and Needham, R. M. "A Practical Study in Belief and Action", In Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning about Knowledge (Asilomar, Ca., Feb. 1988) M. Vardi, Ed. Morgan Kaufmann, Los Altos, Calif., 1988, pp. 325-342]]

Digital Library

Google Scholar

[3]

S. Brackin, "Automatically Detecting Most Vulnerabilities in Cryptographic Protocols", in The DARPA Information Survivability Conference and Exposition, January 2000, Vol. 1, pp 222-36]]

Google Scholar

[4]

Crosbie, M.; Dole, B.; Ellis, T.; Krsul, I.; Spafford, E, "IDIOT - Users Guide", Technical Report TR- 96-050, Purdue University, COAST Laboratory, Sept. 1996]]

Google Scholar

[5]

Dorothy E. Denning, "An Intrusion-Detection Model", From 1986 IEEE Computer Society Symposium on Research in Security and Privacy, pp 118-31]]

Google Scholar

[6]

D. E. Denning and G. M, Sacco, "Timestamps in key distribution protocols," Communications of the ACM, vol. 24, no. 8, Aug 1981, pp. 533-536]]

Digital Library

Google Scholar

[7]

Daniels and Spafford, "Identification of Host Audit Data to Detect Attacks on Low-level IP", Journal of Computer Security, Volume 7, Issue 1, 1999]]

Digital Library

Google Scholar

[8]

Dolev, D., and Yao, A.C. "On the security of public key protocols". IEEE Trans, Inf. Theory IT-29, 2(Mar. 1983), pp. 198-208. Also Stan-CS- 81-854, May 1981, Stanford U.]]

Digital Library

Google Scholar

[9]

A. Fiat and A. Shamir, "How to prove yourself: Practical solutions to identification and signature problems", Advances in Cryptology, Proc. of Crypto-'86 (Lecture Notes in Computer Science 263), Editor A. Odlyzko, Springer-Verlag, pp. 186-194, Santa Barbara, California, U. S. A., August 11-15, 1987]]

Digital Library

Google Scholar

[10]

Gregory, D; Shi, Q.; Merabti, M., 'An Intrusion Detection System Based upon Autonomous Mobile Agents", pp. 586-591, 14th International conference on Information security, 1998 Aug : Vienna]]

Google Scholar

[11]

Y. Jou, F. Gong, C. Sargor, X. Wu, S. Wu, H. Chang, and F. Wang, "Design and Implementation of a Scalable Intrusion Detection System for the Protection of Network Infrastructure", DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 69-83]]

Google Scholar

[12]

R. A. Kemmerer, "Using Formal Methods to Analyze Encryption Protocols," IEEE Journal on Selected Areas in Communications, vol. 7, mo. 4, pp. 448-457, May 1989]]

Digital Library

Google Scholar

[13]

Rajeshekar Kailar and Virgil D. Gligor, "On Belief Evolution in Authentication Protocols", In Proceedings of the Computer Security Foundations Workshop IV, PP 103-16, IEEE Computer Society Press, Los Alamitos, CA, 1991]]

Crossref

Google Scholar

[14]

Sandeep Kumar and Eugene Spaffurd, "A Taxonomy of Common Computer Security Vulnerabilities Based on their Method of Detection", Technical Report, Purdue University, 1995]]

Google Scholar

[15]

J. Kelsey, B. Schneier, and D. Wagner, "Protocol Interactions and the Chosen Protocol Attack", Security Protocols, 5th, International Workshop April 1997, Proceedings, Springer-Verlag, 1998, pp.91-104]]

Digital Library

Google Scholar

[16]

R. Kemmerer, C. Meadows, and J. Millen, "Three Systems for Cryptographie Protocol Analysis", The Journal of Cryptology, Vol. 7, no. 2, 1993]]

Digital Library

Google Scholar

[17]

Ulf Lindqvist and Phillip A. Porras, "Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P- BEST)", 1999 IEEE Computer Society Symposium on Security and Privacy, pp 146-61]]

Google Scholar

[18]

R.P. Lippman, D.J. Fried, I.Graf, J.W. Haines, K.R. Kendall, D. McCllung, D. Weber, S.E. Webster, D. Wyschogrod, R.K. Cunningham, M.A. Zissman, "Evaluating Intrusion Detection Systems: The 1998 DARPA Off-line Intrusion Detection Evaluation", DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 12-26]]

Google Scholar

[19]

Gavin Lowe, "An Attack on the Needham- Schroeder Public Key Authentication Protocol", Information Processing Letters, 56:131-133, 1995]]

Digital Library

Google Scholar

[20]

Gavin Lowe, "Breaking and Fixing the Needham- Sehroeder Public Key Protocol Using FDR", In Proceedings of TACAS, Vol. 1055 of Lecture Notes in Computer Science, pp 147-166, Springer-Verlag, 1996.]]

Digital Library

Google Scholar

[21]

Gavin Lowe, "Casper: A Compiler for the Analysis of Security Protocols", Proceedings of l Oth IEEE Computer Security Foundations Workshop, 1997. Also in Journal of Computer Security, Volume 6, pages 53-84, 1998.]]

Digital Library

Google Scholar

[22]

MiUen, J.K., Clark, S. C., and Freedman, S. B. "The interrogator: Protocol security analysis". IEEE Trans. Sofw. eng. SE-13, 2(Feb. 1987), pp. 274-288]]

Digital Library

Google Scholar

[23]

Catherine Meadows, "Formal Verification of Cryptographic Protocols: A Survey," Advances in Cryptology - Asiacrypt '94, LNSC 917, Springer- Verlag, 1995, pp. 133-150]]

Google Scholar

[24]

Catherine Meadows, "Analysis of the Internet Key Exchange Protocol using the NRL Protocol Analyzer", 1999 IEEE Computer Society Symposium on Security and Privacy, pp 216-34]]

Google Scholar

[25]

Catherine Meadows, "A Formal Framework and Evaluation Method for Network Denial of Service", 12th IEEE Computer Security Foundations Workshop, Jun 28-30, 1999, Mordano, Italy]]

Digital Library

Google Scholar

[26]

Roger M. Needham, Michael D. Schroeder, "Using Encryption for Authentication in Large Networks of Computers", Communications of the ACM, December 1978 vol. 21 #12, pp. 993-999]]

Digital Library

Google Scholar

[27]

R. Oppliger. Security issues related to mobile code and agent-based systems, pp. 1165-1170. Computer Communications, Vol. 22, No. 12 (July 1999):]]

Google Scholar

[28]

Lawrence C. Paulson, "Proving Security Protocols Correct"', in IEEE Symposium on Logic in Computer Science, Trento, Italy (1999), pp 370-81]]

Digital Library

Google Scholar

[29]

A. W. Roscoe, "The Theory and Practice of Concurrency", Prentice Hall, 1997]]

Digital Library

Google Scholar

[30]

Dawn Xiaodong Song, "Athena: A New Efficient Automatic Checker for Security Protocol Analysis", 12th IEEE Computer Security Foundations Workshop, Jun 28-30, 99, Mordano, Italy]]

Google Scholar

[31]

T. Sander, C. Tschudin, "Protecting Mobile Agents against Malicious Hosts", Lecture Notes in Computer Science, Special Issue on Mobile Agents, Edited by G. Vigna, 1998]]

Digital Library

Google Scholar

[32]

Paul Syverson, "'A Taxonomy of Replay Attacks," Proceedings of the Computer Security Foundations Workshop VII, Franconia NH, 1994 IEEE CS Press (Los Alamitos, 1994)]]

Google Scholar

[33]

F. Thayer, J.C. Herzog, and J.D. Guttman, "Strand Spaces: Why is a Security Protocol Correct?" In Proceedings of 1998 IEEE Symposium on Security and Privacy, 1998]]

Google Scholar

[34]

Brett Tjaden, "A Method for Examining Cryptographic Protocols" University of Virginia Doctoral Dissertation, January 1997]]

Digital Library

Google Scholar

[35]

Vigna and Kemmerer, "NetSTAT: A Networkbased Intrusion Detection System", Journal of Computer Security, Volume 7, Issue 1, 1999]]

Digital Library

Google Scholar

[36]

"Attacks on Encryption Code Raise Questions About Computer Vulnerability", Wayner, Peter, New York Times (01/05/00) P. C2]]

Google Scholar

[37]

Alec Yasinsac, "Evaluating Cryptographic Protocols:, Ph.D. Dissertation, University of Virginia, Jan 1996]]

Digital Library

Google Scholar

[38]

Yasinsac, Alec; Wulf, William A, "Evaluating Cryptographic Protocols", University of Virginia Technical Report, CS-93-66, December 22, 1993]]

Digital Library

Google Scholar

[39]

Alec Yasinsac and Wm. A. Wulf, "A Framework for A Cryptographic Protocol Evaluation Workbench", Proceedings of the Fourth IEEE International High Assurance Systems Engineering Symposium (HASE99), Washington D.C., Nov. 1999]]

Digital Library

Google Scholar

[40]

Alec Yasinsac, "Detecting Intrusions in Security Protocols", accepted to the Third ACM Workshop on Intrusion Detection Systems, Athens, Greece, Nov 1-4, 2000]]

Google Scholar

[41]

Susan Pancho, "Protocols", Proceedings of the New Security Paradigms Workshop", Sept. 1999]]

Google Scholar

[42]

Mihir Bellare and Phillip Rogaway, "Random Oracles are Practical: A Paradigm for Designing Efficient Protocols", Proceedings of the First ACM Conference on Communications and Computer Security, ACM, November, 1995]]

Digital Library

Google Scholar

[43]

Paul E. Proctor, The Practical Intrusion Detection Handbook. Prentice Hall, Inc. 2001, ISBN 013- 025960-8, pp 46-47]]

Digital Library

Google Scholar

Cited By

View all

Roy S(2021)Denial of Service Attack on Protocols for Smart Grid CommunicationsResearch Anthology on Combating Denial-of-Service Attacks10.4018/978-1-7998-5348-0.ch029(560-578)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-5348-0.ch029
Ku WChen S(2018)Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cardsIEEE Transactions on Consumer Electronics10.1109/TCE.2004.127786350:1(204-207)Online publication date: 28-Dec-2018
https://dl.acm.org/doi/10.1109/TCE.2004.1277863
Roy S(2017)Denial of Service Attack on Protocols for Smart Grid CommunicationsSecurity Solutions and Applied Cryptography in Smart Grid Communications10.4018/978-1-5225-1829-7.ch003(50-67)Online publication date: 2017
https://doi.org/10.4018/978-1-5225-1829-7.ch003
Show More Cited By

Index Terms

Dynamic analysis of security protocols

Recommendations

Security analysis of efficient (Un-) fair non-repudiation protocols
Abstract
An approach to protocol analysis using asynchronous product automata (APA) and the simple homomorphism verification tool (SHVT) is demonstrated on several variants of the well known Zhou–Gollmann fair non-repudiation protocol and on two more ...
Security analysis of two distance-bounding protocols
RFIDSec'11: Proceedings of the 7th international conference on RFID Security and Privacy

In this paper, we analyze the security of two recently proposed distance bounding protocols called the "Hitomi" and the "NUS" protocols. Our results show that the claimed security of both protocols has been overestimated. Namely, we show that the Hitomi ...
Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries

In the setting of secure multiparty computation, a set of mutually distrustful parties wish to securely compute some joint function of their private inputs. The computation should be carried out in a secure way, meaning that no coalition of corrupted ...

Comments

Information & Contributors

Information

Published In

NSPW '00: Proceedings of the 2000 workshop on New security paradigms

February 2001

168 pages

ISBN:1581132603

DOI:10.1145/366173

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 February 2001

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Conference

NSPW00

Sponsor:

SIGSAC

NSPW00: New Security Paradigms 2000

September 18 - 21, 2000

Ballycotton, County Cork, Ireland

Acceptance Rates

NSPW '00 Paper Acceptance Rate 15 of 35 submissions, 43%;

Overall Acceptance Rate 98 of 265 submissions, 37%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
1,338
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Roy S(2021)Denial of Service Attack on Protocols for Smart Grid CommunicationsResearch Anthology on Combating Denial-of-Service Attacks10.4018/978-1-7998-5348-0.ch029(560-578)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-5348-0.ch029
Ku WChen S(2018)Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cardsIEEE Transactions on Consumer Electronics10.1109/TCE.2004.127786350:1(204-207)Online publication date: 28-Dec-2018
https://dl.acm.org/doi/10.1109/TCE.2004.1277863
Roy S(2017)Denial of Service Attack on Protocols for Smart Grid CommunicationsSecurity Solutions and Applied Cryptography in Smart Grid Communications10.4018/978-1-5225-1829-7.ch003(50-67)Online publication date: 2017
https://doi.org/10.4018/978-1-5225-1829-7.ch003
Murayama YHikage NHauser CChakraborty BSegawa N(2006)An Anshin Model for the Evaluation of the Sense of SecurityProceedings of the 39th Annual Hawaii International Conference on System Sciences - Volume 0810.1109/HICSS.2006.46Online publication date: 4-Jan-2006
https://dl.acm.org/doi/10.1109/HICSS.2006.46
Joglekar STate S(2004)ProtoMon: embedded monitors for cryptographic protocol intrusion detection and preventionInternational Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004.10.1109/ITCC.2004.1286430(81-88 Vol.1)Online publication date: 2004
https://doi.org/10.1109/ITCC.2004.1286430

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Security analysis of efficient (Un-) fair non-repudiation protocols

Security analysis of two distance-bounding protocols

Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

References

Cited By

Index Terms

Recommendations

Security analysis of efficient (Un-) fair non-repudiation protocols

Security analysis of two distance-bounding protocols

Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations