Formally Analysing a Security Protocol for Replay Attacks

14 years 6 months ago

Download eprints.qut.edu.au

The Kerberos-One-Time protocol is a key distribution protocol promoted for use with Javacards to provide secure communication over the GSM mobile phone network. From inspection we suspected a replay attack was possible on the protocol. To check this, we formally speciﬁed the protocol using Object-Z and then analysed its behaviour in the presence of an attacker using the Symbolic Analysis Laboratory’s model checker. To produce accurate results efﬁciently, our formalism included an abstraction of the protocol’s data structures that captured just those characteristics that we believed made the protocol vulnerable. Ultimately, the model checker’s analysis conﬁrmed our suspicions about the protocol’s weakness.

Benjamin W. Long, Colin J. Fidge

Real-time Traffic

ASWEC 2006 | Kerberos-One-Time Protocol | Key Distribution Protocol | Model Checker | Software Engineering |

claim paper

Post Info
More Details (n/a)

Added	10 Jun 2010
Updated	10 Jun 2010
Type	Conference
Year	2006
Where	ASWEC
Authors	Benjamin W. Long, Colin J. Fidge

Comments (0)

Sciweavers

Formally Analysing a Security Protocol for Replay Attacks

ASWEC 2006 | Kerberos-One-Time Protocol | Key Distribution Protocol | Model Checker | Software Engineering |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers