FMOODS'10/FORTE'10 Proceedings of the 12th IFIP WG 6.1 international conference and 30th IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
International Journal of Business Intelligence and Data Mining
Hi-index | 0.00 |
Micali proposed a simple and practical optimistic fair exchange protocol, called ECS1, for contract signing. Bao et al. found some message replay attacks in both the original ECS1 and a modified ECS1 where the latter aims to solve an ambiguity in the former. Furthermore, Bao et al. proposed an improved ECS1 which aims to prevent all those attacks. In this paper, we present a systematic method to analyze the security of Micali's ECS1 by using Coloured Petri Nets (CPN). By using CPN, we found two new attacks in the original protocol, five new attacks in Bao's modified protocol and surprisingly one new attack in Bao's improved protocol. All these new attacks occur when multiple sessions of protocol execution are performed concurrently.