An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Using encryption for authentication in large networks of computers
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An NP Decision Procedure for Protocol Insecurity with XOR
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Proving Properties of Security Protocols by Induction
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Athena: a New Efficient Automatic Checker for Security Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Protocol Insecurity with Finite Number of Sessions is NP-Complete
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
On Message Integrity in Cryptographic Protocols
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A Theory of Dictionary Attacks and its Complexity
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Multiset rewriting and the complexity of bounded security protocols
Journal of Computer Security
Formal characterization and automated analysis of known-pair and chosen-text attacks
IEEE Journal on Selected Areas in Communications
Cap unification: application to protocol security modulo homomorphic encryption
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Protocol verification via rigid/flexible resolution
LPAR'07 Proceedings of the 14th international conference on Logic for programming, artificial intelligence and reasoning
A formal implementation of value commitment
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Protocol analysis in Maude-NPA using unification modulo homomorphic encryption
Proceedings of the 13th international ACM SIGPLAN symposium on Principles and practices of declarative programming
Unification Modulo Homomorphic Encryption
Journal of Automated Reasoning
LATA'12 Proceedings of the 6th international conference on Language and Automata Theory and Applications
Hi-index | 0.00 |
In this paper we report on an analysis for finding known-pair and chosen-text attacks in protocols. As these attacks are at the level of blocks, we extend the attacker by special capabilities related to block chaining techniques. The analysis is automated using Blanchet's protocol verifier and illustrated on two well-known protocols, the Needham-Schroeder-Lowe public-key protocol as well as the Needham-Schroeder symmetric-key protocol. On the first protocol, we show how the special intruder capabilities related to chaining may compromise the secrecy of nonces and that chosen- ciphertext attacks are possible. We propose two modified versions of the protocol which strengthen its security. We then illustrate known-pair and chosen-plaintext attacks on the second protocol.