Secrecy by typing in security protocols
Journal of the ACM (JACM)
Securing Agent Based Architectures
EDCIS '02 Proceedings of the First International Conference on Engineering and Deployment of Cooperative Information Systems
Transactional Security for a Distributed Reputation Management System
EC-WEB '02 Proceedings of the Third International Conference on E-Commerce and Web Technologies
Thwarting Timing Attacks Using ATM Networks
Revised Papers from the 9th International Workshop on Security Protocols
Fast automatic synthesis of security protocols using backward search
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Protecting mobile agents from external replay attacks
Journal of Systems and Software
Replay attack in a fair exchange protocol
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Security protocols: principles and calculi tutorial notes
Foundations of security analysis and design IV
SkyNET: a 3G-enabled mobile attack drone and stealth botmaster
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Towards a framework for autonomic security protocols
Proceedings of the 11th international conference on Security Protocols
Replay attacks in mobile wireless ad hoc networks: protecting the OLSR protocol
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
On the automated correction of security protocols susceptible to a replay attack
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Fast automatic security protocol generation
Journal of Computer Security
Hi-index | 0.00 |
The goal of this paper is to present a set of design principles for avoiding replay attacks in cryptographic protocols. The principles are easily applied to real protocols and they do not consume excessive computing power or communications bandwidth. In particular, we describe how to type-tag messages with unique cryptographic functions, how to inexpensively implement the full information principle with hashes, and how to produce unique session keys without assuming mutual trust between the principals. The techniques do not guarantee security of protocols, but they are concrete ways for improving the robustness of the protocol design with relatively low cost.