Abstract
We propose a simple classification method for public-key based authentication protocols, which consists of identifying several basic properties leading to a large number of generic prototypes for authentication. Most published protocols can be identified as a concrete instance of one of the generic types. The classification method provides a means to clarify the similarities and differences between different concrete protocols. This facilitates avoidance of previous mistakes when designing a new protocol and allows re-use of analysis of a given abstract protocol when classifying any given concrete protocol.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Martin Abadi and Roger Needham, “Prudent Engineering Practice for Cryptographic Protocols”, IEEE Symposium on Research in Security and Privacy, IEEE Computer Society Press, 1994.
ASPeCT, Initial Report on Security Requirements, AC095/ATEA/W21/DS/P/02/B, February 1996.
C. Boyd and D. Park, “Public Key Protocols for Wireless Communications”, ICISC’98, Korea, December 1998, pp. 47–57.
M. Burrows, M. Abadi, and R. Needham, “A logic of authentication”, DEC Systems Research Center, Report 39, revised February 22, 1990.
D. Gollmann, “What do we mean by entity authentication”, 1994 IEEE Symposium on Research in Security and Privacy, pp.46–54.
G. Horng and C.-K. Hsu, “Weakness in the Helsinki protocol”, Electronic Letters, 34, 1998, pp.354–355.
International Organization for Standardization, Geneve, Switzerland. ISO/IEC 2nd DIS 11770-3, Information technology Security techniques Key management; Part 3: Mechanisms using asymmetric techniques, July 1997.
ISO/IEC DIS 11770-3 “Information Technology-Security techniques-Key management-Part 3: Mechanisms using asymmetric techniques”, 1996
G. Lowe, “Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR”, Technical Report, PRG, Oxford University, 1995.
K. M. Martin and C. J. Mitchell, “Evaluation of authentication protocols for mobile environment value-added services”, Submitted, Aug. 1998. Available from http://isg.rhbnc.ac.uk/cjm/Chris_Mitchell.htm.
A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997, p. 492.
C. J. Mitchell and A. Thomas, “Standardising authentication protocols based on public key techniques”, Journal of Computer Security 2, 1993, pp. 23–36.
C. J. Mitchell and C. Y. Yeun, “Fixing a problem in the Helsinki protocol”, ACM Operating Review, 32 no. 4, 1998, pp.21–24.
Roger Needham and Michael Schroeder, “Using Encryption for Authentication in Large Networks of Computers”, Communications of the ACM, 21, pp.993–999, 1978.
C.-S. Park, “On Certicate-Based Security Protocols for Wireless Mobile Communication Systems”, IEEE Network, September/October 1997, pp.50–55.
Y. Yacobi and Z. Shmuely, “On Key Distributions”, Advances in Cryptology-CRYPTO’89, Proceedings, Lecture Notes in Computer Science, Vol. 435, Springer-Verlag, pages 344–355, 1989.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Park, D., Boyd, C., TDawson, E. (2000). Classification of Authentication Protocols: A Practical Approach. In: Goos, G., Hartmanis, J., van Leeuwen, J., Pieprzyk, J., Seberry, J., Okamoto, E. (eds) Information Security. ISW 2000. Lecture Notes in Computer Science, vol 1975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44456-4_15
Download citation
DOI: https://doi.org/10.1007/3-540-44456-4_15
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41416-2
Online ISBN: 978-3-540-44456-5
eBook Packages: Springer Book Archive