Automated Analysis of Some Security Mechanisms of SCEP*

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2433)

Abstract

The paper analyzes SCEP, the Simple Certificate Enrollment Procedure, a two-way communication protocol for managing the secure issuance of digital certificates to network devices. The protocol provides a consistent method of requesting and receiving certificates from different Certification Authorities, offering an open and scalable solution for deploying certificates that can benefit all network devices and IPsec software solutions. We formally analyze SCEP with a software tool for the automatic analysis of cryptographic protocols, which is able to discover, at a conceptual level, attacks against security procedures. Our method of survey contributes towards a better understanding of the structure and aims of a protocol for developers, analyzers and final users alike.

Work partially supported by Microsoft Research Europe (Cambridge); by MIUR project “MEFISTO: Metodi Formali per la Sicurezza ed il Tempo”; by MIUR project “Tecniche e Strumenti Software per l'Analisi della Sicurezza delle Comunicazioni in Applicazioni Telematiche di Interesse Economico e Sociale”; by CNR project “Strumenti, Ambienti ed Applicazioni Innovative per la Società dell’Informazione”; by CSP project “SeTAPS: Strumenti e Tecniche per l'Analisi di Protocolli di Sicurezza”.

SCEP is the evolution of specifications developed by Verisign Inc. and Cisco Systems and it is commercially available in both client and CA implementations.

Released on May 15, 2002, it will expire on November 15, 2002. As declared by the same authors, it has to be considered as a “work in progress”.



Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Martinelli, F., Petrocchi, M., Vaccarelli, A. (2002). Automated Analysis of Some Security Mechanisms of SCEP*. In: Chan, A.H., Gligor, V. (eds) Information Security. ISC 2002. Lecture Notes in Computer Science, vol 2433. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45811-5_32

  • DOI: https://doi.org/10.1007/3-540-45811-5_32

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44270-7

  • Online ISBN: 978-3-540-45811-1

  • eBook Packages: Springer Book Archive
