The EAP-GPSK protocol is a lightweight, flexible authentication protocol relying on symmetric key cryptography. It is part of an ongoing IETF process to develop authentication methods for the EAP framework. We analyze the protocol and find three weaknesses: a repairable Denial-of-Service attack, an anomaly with the key derivation function used to create a short-term master session key, and a ciphersuite downgrading attack. We propose fixes to these anomalies, and use a finite-state verification tool to search for remaining problems after making these repairs. We then prove the fixed version correct using a protocol verification logic. We discussed the attacks and our suggested fixes with the authors of the specification document, which has subsequently been modified to include our proposed changes.