Feasibility of multi-protocol attacks

C.J.F. Cremers

doi:10.1109/ARES.2006.63

Feasibility of multi-protocol attacks

C.J.F. Cremers

Formal System Analysis

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

34 Citations (Scopus)

Abstract

Formal modeling and verification of security protocols typically assumes that a protocol is executed in isolation, without other protocols sharing the network. We investigate the existence of multi-protocol attacks on protocols described in literature. Given two or more protocols, that share key structures and are executed in the same environment, are new attacks possible? Out of 30 protocols from literature, we find that 23 are vulnerable to multi-protocol attacks. We identify two likely attack patterns and sketch a tagging scheme to prevent multi-protocol attacks.

Original language	English
Title of host publication	Proceedings of the First International Conference in Availability, Reliability and Security (ARES, Vienna, Austria, April 20-22, 2006)
Publisher	IEEE Computer Society
Pages	287-294
ISBN (Print)	0-7695-2567-9
DOIs	https://doi.org/10.1109/ARES.2006.63
Publication status	Published - 2006

Access to Document

10.1109/ARES.2006.63

Cite this

@inproceedings{a9360baf927443e0b999797cf9137ac2,

title = "Feasibility of multi-protocol attacks",

abstract = "Formal modeling and verification of security protocols typically assumes that a protocol is executed in isolation, without other protocols sharing the network. We investigate the existence of multi-protocol attacks on protocols described in literature. Given two or more protocols, that share key structures and are executed in the same environment, are new attacks possible? Out of 30 protocols from literature, we find that 23 are vulnerable to multi-protocol attacks. We identify two likely attack patterns and sketch a tagging scheme to prevent multi-protocol attacks.",

author = "C.J.F. Cremers",

year = "2006",

doi = "10.1109/ARES.2006.63",

language = "English",

isbn = "0-7695-2567-9",

pages = "287--294",

booktitle = "Proceedings of the First International Conference in Availability, Reliability and Security (ARES, Vienna, Austria, April 20-22, 2006)",

publisher = "IEEE Computer Society",

address = "United States",

}

TY - GEN

T1 - Feasibility of multi-protocol attacks

AU - Cremers, C.J.F.

PY - 2006

Y1 - 2006

N2 - Formal modeling and verification of security protocols typically assumes that a protocol is executed in isolation, without other protocols sharing the network. We investigate the existence of multi-protocol attacks on protocols described in literature. Given two or more protocols, that share key structures and are executed in the same environment, are new attacks possible? Out of 30 protocols from literature, we find that 23 are vulnerable to multi-protocol attacks. We identify two likely attack patterns and sketch a tagging scheme to prevent multi-protocol attacks.

AB - Formal modeling and verification of security protocols typically assumes that a protocol is executed in isolation, without other protocols sharing the network. We investigate the existence of multi-protocol attacks on protocols described in literature. Given two or more protocols, that share key structures and are executed in the same environment, are new attacks possible? Out of 30 protocols from literature, we find that 23 are vulnerable to multi-protocol attacks. We identify two likely attack patterns and sketch a tagging scheme to prevent multi-protocol attacks.

U2 - 10.1109/ARES.2006.63

DO - 10.1109/ARES.2006.63

M3 - Conference contribution

SN - 0-7695-2567-9

SP - 287

EP - 294

BT - Proceedings of the First International Conference in Availability, Reliability and Security (ARES, Vienna, Austria, April 20-22, 2006)

PB - IEEE Computer Society

ER -

Feasibility of multi-protocol attacks

Abstract

Access to Document

Fingerprint

Cite this