Attack Analysis of Cryptographic Protocols Using Strand Spaces
Lukell, Simon and Andrew Hutchison (2003) Attack Analysis of Cryptographic Protocols Using Strand Spaces. In Proceedings 3rd annual Information Security South Africa Conference, Pretoria, South Africa.
Network security protocols make use of cryptographic techniques to achieve goals such as confidentiality, authentication, integrity and non-repudiation. However, the fact that strong cryptographic algorithms exist does not guarantee the security of a communications system. In fact, it is recognised that the engineering of security protocols is a very challenging task, since protocols that appear secure can contain subtle flaws and vulnerabilities that attackers can exploit. A number of techniques exist for the analysis of security protocol specifications. Each of the techniques currently available is not capable of detecting every possible flaw or attack against a protocol when used in isolation. However, when combined, these techniques all complement each other and allow a protocol engineer to obtain a more accurate overview of the security of a protocol that is being designed. This fact, amongst others, is the rationale for multi-dimensional security protocol engineering, a concept introduced by previous projects in the DNA group. We propose an attack construction approach to security protocol analysis within a multi-dimensional context. This analysis method complements the method used in the existing inference construction analysis tools developed earlier in the group. This paper gives a brief overview of the concepts associated with our project, including a summary of existing security protocol analysis techniques, and a description of the strand space model, which is the intended formalism for the analysis.
|EPrint Type:||Conference Paper|
|Deposited By:||Arnab, A|
|Deposited On:||06 May 2004|