References of "Smith, Zachary Daniel 50022580"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailAutomated Identification of Desynchronisation Attacks on Shared Secrets
Mauw, Sjouke UL; Smith, Zachary Daniel UL; Toro Pozo, Jorge Luis UL et al

in Automated Identification of Desynchronisation Attacks on Shared Secrets (2018, September)

Key-updating protocols are a class of communication protocol that aim to increase security by having the participants change encryption keys between protocol executions. However, such protocols can be ... [more ▼]

Key-updating protocols are a class of communication protocol that aim to increase security by having the participants change encryption keys between protocol executions. However, such protocols can be vulnerable to desynchronisation attacks, a denial of service attack in which the agents are tricked into updating their keys improperly, so that they are no longer able to communicate. In this work we introduce a method that can be used to automatically verify (or falsify) resistance to desynchronisation attacks for a range of protocols. This approach is then used to identify previously unreported vulnerabilities in two published RFID grouping protocols. [less ▲]

Detailed reference viewed: 56 (7 UL)
Full Text
Peer Reviewed
See detailDistance-Bounding Protocols: Verification without Time and Location
Mauw, Sjouke UL; Smith, Zachary Daniel UL; Toro Pozo, Jorge Luis UL et al

in Proceedings of IEEE Symposium on Security and Privacy (SP), San Francisco 21-23 May 2018 (2018)

Distance-bounding protocols are cryptographic protocols that securely establish an upper bound on the physi- cal distance between the participants. Existing symbolic verification frameworks for distance ... [more ▼]

Distance-bounding protocols are cryptographic protocols that securely establish an upper bound on the physi- cal distance between the participants. Existing symbolic verification frameworks for distance-bounding protocols consider timestamps and the location of agents. In this work we introduce a causality-based characterization of secure distance-bounding that discards the notions of time and location. This allows us to verify the correct- ness of distance-bounding protocols with standard pro- tocol verification tools. That is to say, we provide the first fully automated verification framework for distance- bounding protocols. By using our framework, we con- firmed known vulnerabilities in a number of protocols and discovered unreported attacks against two recently published protocols. [less ▲]

Detailed reference viewed: 51 (8 UL)