Reference : Chosen-name attacks: An overlooked class of type-flaw attacks
Scientific journals : Article
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/25871
Chosen-name attacks: An overlooked class of type-flaw attacks
English
Ceelen, Pieter [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Mauw, Sjouke mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Radomirovic, Sasa [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
2008
Electronic Notes in Theoretical Computer Science
Elsevier
197
2
31-43
Yes
1571-0661
[en] security protocols ; automatic verification ; type-flaw attacks ; semantics
[en] In the context of Dolev-Yao style analysis of security protocols, we consider the capability of an intruder to dynamically choose and assign names to agents. This capability has been overlooked in all significant protocol verification frameworks based on formal methods. We identify and classify new type-flaw attacks arising from this capability. Several examples of protocols that are vulnerable to this type of attack are given, including Lowe’s modification of KSL. The consequences for automatic verification tools are discussed.
http://hdl.handle.net/10993/25871
10.1016/j.entcs.2007.12.015

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
CMR07.pdfPublisher postprint168.53 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.