UCT CS Research Document Archive

Selection of an Attack-Construction Engine to Enhance Security Protocol Analysis

Lukell, Simon and Andrew Hutchison (2004) Selection of an Attack-Construction Engine to Enhance Security Protocol Analysis. In Proceedings Southern African Telecommunication Networks and Applications Conference (SATNAC) 2004, Spier Wine Estate.

Full text available as:
PDF - Requires Adobe Acrobat Reader or other PDF viewer.


In the context of providing an integrated environment for engineering of security protocols, the incorporation of an attack-construction analysis engine has been investigated. The purpose of such an engine is to search protocol specifications for possible replay attacks against it, returning a description of the attack if found. This kind of analysis complements the logic analysis tool already present in the environment, since it can find protocol vulnerabilities that the existing analysis is unable to detect. An investigation of six publicly available attackconstruction tools was conducted, considering criteria such as capability, efficiency and usability. More project-specific factors, such as suitability for integration, also played an important part. The outcome of the investigation was that the constraint-based system by Corin & Etalle (based on an initial system by Millen & Shmatikov) was the most suitable.

EPrint Type:Conference Paper
ID Code:152
Deposited By:Arnab, A
Deposited On:21 October 2004