Uncovering attacks on security protocols

Wuu Yang

doi:10.1109/ICITA.2005.292

Uncovering attacks on security protocols

Wuu Yang^*

^*Corresponding author for this work

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Security protocols are indispensable in secure communication. We give an operational semantics of security protocols in terms of a Prolog-like language. With this semantics, we can uncover attacks on a security protocol that are possible with no more than a given number of rounds. Though our approach is exhaustive testing, the majority of fruitless search is cut off by selecting a small number of representative values that could be sent by an attacker. Hence, the number of scenarios is relatively small and our method is quite practical. Furthermore, our method not only reports possible attacks but also describes the attacks in great detail. This description would be very helpful to protocol designers and analyzers.

Original language	English
Title of host publication	Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005
Pages	572-575
Number of pages	4
DOIs	https://doi.org/10.1109/ICITA.2005.292
State	Published - 1 Dec 2005
Event	3rd International Conference on Information Technology and Applications, ICITA 2005 - Sydney, Australia Duration: 4 Jul 2005 → 7 Jul 2005

Publication series

Name	Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005
Volume	II

Conference

Conference	3rd International Conference on Information Technology and Applications, ICITA 2005
Country/Territory	Australia
City	Sydney
Period	4/07/05 → 7/07/05

Access to Document

10.1109/ICITA.2005.292

Cite this

@inproceedings{ba03a563410741829ba77051d208ee07,

title = "Uncovering attacks on security protocols",

abstract = "Security protocols are indispensable in secure communication. We give an operational semantics of security protocols in terms of a Prolog-like language. With this semantics, we can uncover attacks on a security protocol that are possible with no more than a given number of rounds. Though our approach is exhaustive testing, the majority of fruitless search is cut off by selecting a small number of representative values that could be sent by an attacker. Hence, the number of scenarios is relatively small and our method is quite practical. Furthermore, our method not only reports possible attacks but also describes the attacks in great detail. This description would be very helpful to protocol designers and analyzers.",

author = "Wuu Yang",

year = "2005",

month = dec,

day = "1",

doi = "10.1109/ICITA.2005.292",

language = "English",

isbn = "0769523161",

series = "Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005",

pages = "572--575",

booktitle = "Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005",

note = "3rd International Conference on Information Technology and Applications, ICITA 2005 ; Conference date: 04-07-2005 Through 07-07-2005",

}

Yang, W 2005, Uncovering attacks on security protocols. in Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005., 1489026, Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005, vol. II, pp. 572-575, 3rd International Conference on Information Technology and Applications, ICITA 2005, Sydney, Australia, 4/07/05. https://doi.org/10.1109/ICITA.2005.292

Uncovering attacks on security protocols. / Yang, Wuu.
Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005. 2005. p. 572-575 1489026 (Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005; Vol. II).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Uncovering attacks on security protocols

AU - Yang, Wuu

PY - 2005/12/1

Y1 - 2005/12/1

N2 - Security protocols are indispensable in secure communication. We give an operational semantics of security protocols in terms of a Prolog-like language. With this semantics, we can uncover attacks on a security protocol that are possible with no more than a given number of rounds. Though our approach is exhaustive testing, the majority of fruitless search is cut off by selecting a small number of representative values that could be sent by an attacker. Hence, the number of scenarios is relatively small and our method is quite practical. Furthermore, our method not only reports possible attacks but also describes the attacks in great detail. This description would be very helpful to protocol designers and analyzers.

AB - Security protocols are indispensable in secure communication. We give an operational semantics of security protocols in terms of a Prolog-like language. With this semantics, we can uncover attacks on a security protocol that are possible with no more than a given number of rounds. Though our approach is exhaustive testing, the majority of fruitless search is cut off by selecting a small number of representative values that could be sent by an attacker. Hence, the number of scenarios is relatively small and our method is quite practical. Furthermore, our method not only reports possible attacks but also describes the attacks in great detail. This description would be very helpful to protocol designers and analyzers.

UR - http://www.scopus.com/inward/record.url?scp=33646795345&partnerID=8YFLogxK

U2 - 10.1109/ICITA.2005.292

DO - 10.1109/ICITA.2005.292

M3 - Conference contribution

AN - SCOPUS:33646795345

SN - 0769523161

SN - 9780769523163

T3 - Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005

SP - 572

EP - 575

BT - Proceedings - 3rd International Conference on Information Technology and Applications, ICITA 2005

T2 - 3rd International Conference on Information Technology and Applications, ICITA 2005

Y2 - 4 July 2005 through 7 July 2005

ER -

Uncovering attacks on security protocols

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this