Formally analysing a security protocol for replay attacks
Benjamin W. Long, C. Fidge
Australian Software Engineering Conference (ASWEC'06), 2006-04-18
DOI: 10.1109/ASWEC.2006.30 (https://doi.org/10.1109/ASWEC.2006.30)
The Kerberos-One-Time protocol is a key distribution protocol promoted for use with Javacards to provide secure communication over the GSM mobile phone network. From inspection we suspected a replay attack was possible on the protocol. To check this, we formally specified the protocol using Object-Z and then analysed its behaviour in the presence of an attacker using the Symbolic Analysis Laboratory's model checker. To produce accurate results efficiently, our formalism included an abstraction of the protocol's data structures that captured just those characteristics that we believed made the protocol vulnerable. Ultimately, the model checker's analysis confirmed our suspicions about the protocol's weakness.