Strategies against replay attacks

Aura, Tuomas

doi:10.1109/csfw.1997.596787

Cited by 51 publications

(45 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We also suggest that practical techniques such as [6] may prove useful in making candidate protocols robust against such attacks. For example, by ensuring that the initiator challenge looks different to the respondent challenge.…”

Section: The Protocol Selectormentioning

confidence: 99%

“…For example, both message Cas(A |∼ N a) and Cas(A N a) are expressed by the same notation Cas (A, N a). To minimise the potential for replay attacks where 'similar' messages appear in different parts of a protocol, the messages are modified to make them distinct from one another [6]. For example, Cas(A, N a, 0) and Cas(A, N a, 1) or Cas(A, N a) and Cas(N a, A).…”

Section: Realising Idealised Protocolsmentioning

confidence: 99%

See 1 more Smart Citation

Fast automatic security protocol generation

Hong-bin

Foley

2012

JCS

View full text Add to dashboard Cite

An automatic security protocol generator is described that uses logic-based heuristic rules to guide it in a backward search for suitable protocols from protocol goals. The approach taken is unlike existing automatic protocol generators which typically carry out a forward search for candidate protocols from the protocol assumptions. A prototype generator has been built that performs well in the automatic generation of authentication and key exchange protocols.

show abstract

Section: The Protocol Selectormentioning

confidence: 99%

Section: Realising Idealised Protocolsmentioning

confidence: 99%

Fast automatic security protocol generation

Hong-bin

Foley

2012

JCS

View full text Add to dashboard Cite

show abstract

“…In this case an attacker tricks one of (or both) the principals into using a different protocol. Having generated a protocol P , techniques such as [3] may prove useful in making the protocol robust against such protocol-identity attacks. This requirement may also be expressed as additional goals that should be verified by the principles B and A, respectively,…”

Section: −1mentioning

confidence: 99%

Towards a Framework for Autonomic Security Protocols

Foley

Hong-bin

2005

Security Protocols

View full text Add to dashboard Cite

Abstract. This paper proposes a belief logic based approach that allows principals to negotiate and on-the-fly generate security protocols. When principals wish to interact then, rather than offering each other a fixed menu of 'known' protocols, they negotiate and generate a new protocol that is tailored specifically to their current security environment and requirements. This approach provides a basis for autonomic security protocols. Such protocols are self-configuring since only principal assumptions and protocol goals need to be a-priori configured. The approach has the potential to survive security compromises that can be modelled as changes in the beliefs of the principals. A compromise of a key or a change in the trust relationships between principals can result in a principal self-healing and synthesising a new protocol to survive the event.

show abstract

“…or suggesting one should use different encryption systems or add hashings to each message, e.g. [6,3]. Protocol designers are often unwilling to follow these guidelines.…”

Section: Introductionmentioning

confidence: 99%

On the Automated Correction of Protocols with Improper Message Encoding

Hutter¹,

Monroy

2009

Foundations and Applications of Security Analysis

View full text Add to dashboard Cite

Abstract. Security protocols are crucial to achieve trusted computing. However, designing security protocols is not easy and so security protocols are typically faulty and have to be repaired. Continuing previous work we present first steps to automate this repairing process, especially for protocols that are susceptible to type-flaw attacks. To this end, we extend the notion of strand spaces by introducing an implementation layer for messages and extending the capabilities of a penetrator to swap messages that share the same implementation. Based on this framework we are able to track type flaw attacks to incompatibilities between the way messages are implemented and the design of concrete security protocols. Heuristics are given to either change the implementation or the protocol to avoid these situations.

show abstract

Strategies against replay attacks

Cited by 51 publications

References 9 publications

Fast automatic security protocol generation

Fast automatic security protocol generation

Towards a Framework for Autonomic Security Protocols

On the Automated Correction of Protocols with Improper Message Encoding

Contact Info

Product

Resources

About