ACM Transactions on Computer Systems (TOCS)
Two attacks on Neuman-Stubblebine authentication protocols
Information Processing Letters
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Casper: a compiler for the analysis of security protocols
Journal of Computer Security
PROCOMET '98 Proceedings of the IFIP TC2/WG2.2,2.3 International Conference on Programming Concepts and Methods
Some new attacks upon security protocols
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Protocols for Key Establishment and Authentication
Protocols for Key Establishment and Authentication
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A hybrid authentication protocol for large mobile network
Journal of Systems and Software
Formal verification: an imperative step in the design of security protocols
Computer Networks: The International Journal of Computer and Telecommunications Networking
Cryptanalysis of a hybrid authentication protocol for large mobile networks
Journal of Systems and Software
Security weakness in a three-party pairing-based protocol for password authenticated key exchange
Information Sciences: an International Journal
On the security of public key protocols
SFCS '81 Proceedings of the 22nd Annual Symposium on Foundations of Computer Science
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Hi-index | 0.00 |
The use of security protocols to protect sensitive information is critical. However, flaws in the design of security protocols can make them ineffective. This paper discusses various attacks against security protocols that exploit weaknesses in their design and a key-distribution protocol is analysed using a model checker. The analysis reveals weaknesses in the protocol, which can be exploited in a parallel session attack that allows an attacker to impersonate a legitimate principal. Correction to the protocol are proposed and a formal analysis of the fix is presented. The results of this analysis provide confidence in the correctness and effectiveness of the proposed corrected protocol.