Automated Identification of Desynchronisation Attacks on Shared Secrets

Mauw, Sjouke; Smith, Zachary Daniel; Toro Pozo, Jorge Luis; Trujillo Rasua, Rolando

Reference : Automated Identification of Desynchronisation Attacks on Shared Secrets


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/37278

Title :	Automated Identification of Desynchronisation Attacks on Shared Secrets
Language :	English
Author, co-author :	Mauw, Sjouke [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
	Smith, Zachary Daniel [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
	Toro Pozo, Jorge Luis [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
	Trujillo Rasua, Rolando [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Publication date :	Sep-2018
Main document title :	Automated Identification of Desynchronisation Attacks on Shared Secrets
Publisher :	Springer
Peer reviewed :	Yes
Audience :	International
Event name :	European Symposium on Research in Computer Security
Event date :	from 03-09-2018 to 07-09-2018
Keywords :	[en] security ; desynchronisation ; key update
Abstract :	[en] Key-updating protocols are a class of communication protocol that aim to increase security by having the participants change encryption keys between protocol executions. However, such protocols can be vulnerable to desynchronisation attacks, a denial of service attack in which the agents are tricked into updating their keys improperly, so that they are no longer able to communicate. In this work we introduce a method that can be used to automatically verify (or falsify) resistance to desynchronisation attacks for a range of protocols. This approach is then used to identify previously unreported vulnerabilities in two published RFID grouping protocols.
Target :	Researchers ; Professionals ; Students
Permalink :	http://hdl.handle.net/10993/37278

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Limited access	Desynchronisation-Esorics-2018.pdf		Author preprint	474.21 kB	Request a copy

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices