Timed analysis of security protocols

R.J. Corin; S. Etalle; P.H. Hartel; A.H. Mader

Timed analysis of security protocols

R.J. Corin, S. Etalle, P.H. Hartel, A.H. Mader

Research output: Contribution to journal › Article › Academic › peer-review

Abstract

We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.

Original language	English
Pages (from-to)	619-645
Journal	Journal of Computer Security
Volume	15
Issue number	6
Publication status	Published - 2007

Cite this

@article{d9a941c55fed4fb1b6dbaa17d5f30aa2,

title = "Timed analysis of security protocols",

abstract = "We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.",

author = "R.J. Corin and S. Etalle and P.H. Hartel and A.H. Mader",

year = "2007",

language = "English",

volume = "15",

pages = "619--645",

journal = "Journal of Computer Security",

issn = "0926-227X",

publisher = "IOS Press",

number = "6",

}

TY - JOUR

T1 - Timed analysis of security protocols

AU - Corin, R.J.

AU - Etalle, S.

AU - Hartel, P.H.

AU - Mader, A.H.

PY - 2007

Y1 - 2007

N2 - We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.

AB - We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.

M3 - Article

SN - 0926-227X

VL - 15

SP - 619

EP - 645

JO - Journal of Computer Security

JF - Journal of Computer Security

IS - 6

ER -

Timed analysis of security protocols

Abstract

Fingerprint

Cite this