Security Weakness in a Provable Secure Authentication Protocol Given Forward Secure Session Key

Kim, Mijin; Jo, Heasuk; Kim, Seungjoo; Won, Dongho

doi:10.1007/978-3-642-02457-3_18

Cited by 5 publications

(17 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Initial Phase of the Kim-Jo-Kim-Won Protocol [39] can be expressed in the language of the logic as follows: Applying the Attack Detection Logic reveals the following weaknesses:  Rule R2.2 is activated twice, as H(g,NU) and H(H(g,NU),KUTTP) from S1 are symmetric in opposite direction to H(g,NS) and H(H(g,NS),KSTTP) from S2. Also, R4.1 is activated twice, as {H(g,NU) ,H(g,NS), n,H(NTTP)}KUTTP and {H(g,NU), H(g,NS)}H(H(g,NU), H(g,NS)) from S4 are not strong sender bound.…”

Section: Kjkw Protocol -Initial Phasementioning

confidence: 99%

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

Jurcut

Coffey

Dojen

2019

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

This paper introduces a new logic-based technique for detecting security protocol weaknesses that are exploitable by freshness and interleaving session attacks. This technique is realised as a special purpose logic to be used throughout the protocol design stage, where a draft of the protocol is subjected to formal analysis prior to its publication or deployment. For any detected failures the analysis also reveals their cause, facilitating design corrections.The proposed Attack Detection Logic is introduced and its details, including the language, predicates, axioms, rules, semantics as well as soundness and completeness are presented. The effectiveness of the logic is evaluated in a case study, where it is demonstrated how to use the Attack Detection Logic as part of the design process of security protocols. Further, the logic is applied to a range of security protocols, including protocols with known weaknesses and protocols that are known to be secure. The logic's ability to detect various attacks is established by demonstrating that for protocols with known weaknesses, at least one detection rule is activated and no detection rule is activated for protocols without weaknesses. This case study confirms the logic's ability to detect design weaknesses exploitable by freshness and interleaving session attacks.

show abstract

Section: Kjkw Protocol -Initial Phasementioning

confidence: 99%

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

Jurcut

Coffey

Dojen

2019

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…The authors in Ref. 15 have claimed that the protocol in Ref. 14 is insecure in the presence of an active adversary.…”

Section: Introductionmentioning

confidence: 99%

“…The major contributions made in this paper are summarized as follows: We analyse three types of possible attacks of off‐line guessing attacks , known key attacks and man‐in‐the‐middle attacks in the wireless networks and investigate the vulnerabilities of existing protocol under these three attacks. We propose a solution to prevent these attacks and to enhance the proposal in Ref. 15. We analyse the attacks of off‐line guessing by a formal model.…”

Section: Introductionmentioning

confidence: 99%

“…We propose a solution to prevent these attacks and to enhance the proposal in Ref. 15. We analyse the attacks of off‐line guessing by a formal model.…”

Section: Introductionmentioning

confidence: 99%

“…The rest of this article is organized as follows: in Section 2, we introduce the application environment of the AKD protocol and review an AKD protocol proposed in Ref. 15; in Section 3, three types of attacks are described. And the weaknesses of the proposal in Ref.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A security enhanced authentication and key distribution protocol for wireless networks

et al. 2011

Security Comm Networks

View full text Add to dashboard Cite

Authentication and key distribution (AKD) protocols become more and more important in the design of wireless networks. Especially, the communication efficiency and security are the critical factors. In this paper, we first analyse the vulnerabilities of an AKD protocol for wireless networks under three types of attacks. Then, we propose an enhanced AKD protocol to overcome those vulnerabilities with the security functionality to prevent those malicious attacks. Security analysis and formal verification mainly using Automated Validation of Internet Security Protocols and Applications toolkit show that the proposed protocol is secure against those attacks. Copyright © 2011 John Wiley & Sons, Ltd.

show abstract

An Authenticated Key Exchange to Improve the Security of Shi et al. and Kim et al.’s Protocols

Kim

Kwon²,

Won

2011

Web Information Systems and Mining

View full text Add to dashboard Cite

Security Weakness in a Provable Secure Authentication Protocol Given Forward Secure Session Key

Cited by 5 publications

References 14 publications

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

A security enhanced authentication and key distribution protocol for wireless networks

An Authenticated Key Exchange to Improve the Security of Shi et al. and Kim et al.’s Protocols

Contact Info

Product

Resources

About