Abstract
Most work on requirements in the area of authentication protocols has concentrated on identifying requirements for the protocol without much consideration of context. Little work has concentrated on assumptions about the environment, for example, the applications that make use of authenticated keys. We will show in this paper how the interaction between a protocol and its environment can have a major effect on a protocol. Specifically, we will demonstrate a number of attacks on published and/or widely used protocols that are not feasible against the protocol running in isolation (even with multiple runs) but become feasible in some application environments. We will also discuss the tradeoff between putting constraints on a protocol and putting constraints on the environment in which it operates.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Canetti, R., Meadows, C., Syverson, P. (2003). Environmental Requirements for Authentication Protocols. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_21
DOI: https://doi.org/10.1007/3-540-36532-X_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00708-1
Online ISBN: 978-3-540-36532-7
eBook Packages: Springer Book Archive