Verifying the Independence of Security Protocols

Genge, Béla; Ignat, Iosif

doi:10.1109/iccp.2007.4352155

Cited by 4 publications

(6 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…By inspecting the rather large number of reported attacks in the literature [14], [18], [20] we can agree that any modification brought upon a protocol can influence its existing security properties. Based on these concerns, the authors have developed in a previous paper [17] a framework for verifying the composability of security protocols.…”

Section: Security Requirementsmentioning

confidence: 99%

“…The first step towards the composition of these protocols consists in verifying the "key-secrecy independence" security requirement formulated by the authors in [17]. To achieve this, we specify the secret terms for the two involved protocols.…”

Section: Term Composition Algorithmmentioning

confidence: 99%

“…4, the complete connection is also maintained in the composed protocol. In addition, the second security requirement formulated by the authors in [17], i.e. "message independence", is also satisfied because messages have different cryptographical structures.…”

Section: Term Composition Algorithmmentioning

confidence: 99%

See 2 more Smart Citations

Term-Based Composition of Security Protocols

Genge

Haller

Ovidiu

et al. 2008

2008 IEEE International Conference on Automation, Quality and Testing, Robotics

View full text Add to dashboard Cite

Abstract-In the context of security protocol parallel composition, where messages belonging to different protocols can intersect each other, we introduce a new paradigm: termbased composition (i.e. the composition of message components also known as terms). First, we create a protocol specification model by extending the original strand spaces. Then, we provide a term composition algorithm based on which new terms can be constructed. To ensure that security properties are maintained, we introduce the concept of term connections to express the existing connections between terms and encryption contexts. We illustrate the proposed composition process by using two existing protocols.

show abstract

Section: Security Requirementsmentioning

confidence: 99%

Section: Term Composition Algorithmmentioning

confidence: 99%

See 1 more Smart Citation

Term-Based Composition of Security Protocols

Genge

Haller

Ovidiu

et al. 2008

2008 IEEE International Conference on Automation, Quality and Testing, Robotics

View full text Add to dashboard Cite

show abstract

“…A collection of strands is called a strand space. The strand space model was introduced by Guttman et all in [9] and extended by the authors with participant knowledge, specialized basic sets and explicit term construction in [10]. The resulting model is called a kstrand space.…”

Section: K-strands and K-strand Spacesmentioning

confidence: 99%

“…In this section we briefly present the concept of knowledge strands (k-strands) and typed strands (tstrands) used to model protocol participants. For a more detailed presentation, the reader is asked to consult the authors previous work [10].…”

Section: K-strands and T-strandsmentioning

confidence: 99%

Informal specification-based performance evaluation of security protocols

Genge

Haller

Ignat

et al. 2008

2008 4th International Conference on Intelligent Computer Communication and Processing

Self Cite

View full text Add to dashboard Cite

We propose a performance evaluation method for security protocols. Based on the informal specification, we construct a canonical model which includes, alongside protocol messages, cryptographic operations performed by participants in the process of message construction. Each cryptographic operation is assigned a cost modeled as a function of the size of processed message components. We model not only the size of regular message components but also the size of ciphertext produced by various cryptographic operations. We illustrate the applicability of our method by comparatively analyzing the performance of the original CCITT X.509 protocol and a slightly modified version of the same protocol.

show abstract