Modeling and analyzing security in the presence of compromising adversaries

Authors:
David Basin;Cas Cremers
Affiliations:
Department of Computer Science, ETH Zurich;Department of Computer Science, ETH Zurich
Venue:
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Year:
2010

Citing 26
Cited 5

An identity-based key-exchange protocol

EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Provably secure session key distribution: the three party case

STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
Relations between secrets: two formal analyses of the Yahalom protocol

Journal of Computer Security
Handbook of Applied Cryptography

Handbook of Applied Cryptography
An Efficient Protocol for Authenticated Key Agreement

Designs, Codes and Cryptography
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Authenticated Multi-Party Key Agreement

ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Towards computationally sound symbolic analysis of key exchange protocols

Proceedings of the 2005 ACM workshop on Formal methods in security engineering
A Computationally Sound Mechanized Prover for Security Protocols

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Just fast keying in the pi calculus

ACM Transactions on Information and System Security (TISSEC)
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS

Designs, Codes and Cryptography
Securing group key exchange against strong corruptions

Proceedings of the 2008 ACM symposium on Information, computer and communications security
Comparing the Pre- and Post-specified Peer Models for Key Agreement

ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols

CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Unbounded verification, falsification, and characterization of security protocols by pattern refinement

Proceedings of the 15th ACM conference on Computer and communications security
Session-state Reveal Is Stronger Than Ephemeral Key Reveal: Attacking the NAXOS Authenticated Key Exchange Protocol

ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
On security models and compilers for group key exchange protocols

IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Stronger security of authenticated key exchange

ProvSec'07 Proceedings of the 1st international conference on Provable security
Degrees of security: protocol guarantees in the face of compromising adversaries

CSL'10/EACSL'10 Proceedings of the 24th international conference/19th annual conference on Computer science logic
Examining indistinguishability-based proof models for key establishment protocols

ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
On session identifiers in provably secure protocols: the Bellare-Rogaway three-party key distribution protocol revisited

SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
HMQV: a high-performance secure diffie-hellman protocol

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Security analysis of KEA authenticated key exchange protocol

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography

Keeping data secret under full compromise using porter devices

Proceedings of the 26th Annual Computer Security Applications Conference
Session-StateReveal is stronger than eCKs EphemeralKeyReveal: using automatic analysis to attack the NAXOS protocol

International Journal of Applied Cryptography
Key exchange in IPsec revisited: formal analysis of IKEv1 and IKEv2

ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Taxonomical security consideration of authenticated key exchange resilient to intermediate computation leakage

ProvSec'11 Proceedings of the 5th international conference on Provable security
The research value of publishing attacks

Communications of the ACM

Quantified Score

Hi-index	0.02

Visualization

Abstract

We present a framework for modeling adversaries in security protocol analysis, ranging from a Dolev-Yao style adversary to more powerful adversaries who can reveal different parts of principals' states during protocol execution. Our adversary models unify and generalize many existing security notions from both the computational and symbolic settings. We extend an existing symbolic protocol-verification tool with our adversary models, resulting in the first tool that systematically supports notions such as weak perfect forward secrecy, key compromise impersonation, and adversaries capable of state-reveal queries. In case studies, we automatically find new attacks and rediscover known attacks that previously required detailed manual analysis.