[en] Key-updating protocols are a class of communication protocol
that aim to increase security by having the participants change encryption
keys between protocol executions. However, such protocols can
be vulnerable to desynchronisation attacks, a denial of service attack in
which the agents are tricked into updating their keys improperly, so that
they are no longer able to communicate. In this work we introduce a
method that can be used to automatically verify (or falsify) resistance to
desynchronisation attacks for a range of protocols. This approach is then
used to identify previously unreported vulnerabilities in two published
RFID grouping protocols.
Disciplines :
Sciences informatiques
Auteur, co-auteur :
MAUW, Sjouke ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
SMITH, Zachary Daniel ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
TORO POZO, Jorge Luis ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
TRUJILLO RASUA, Rolando ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Co-auteurs externes :
yes
Langue du document :
Anglais
Titre :
Automated Identification of Desynchronisation Attacks on Shared Secrets
Date de publication/diffusion :
septembre 2018
Nom de la manifestation :
European Symposium on Research in Computer Security
Date de la manifestation :
from 03-09-2018 to 07-09-2018
Manifestation à portée :
International
Titre de l'ouvrage principal :
Automated Identification of Desynchronisation Attacks on Shared Secrets
