Yuqing Zhang
Abstract
The Secure-Socket Layer (SSL) protocol is analyzed using a formal analysis mehod called the approach of the running-mode analysis. This analysis uncovers successfully some anomalies in the basic SSL handshake protocol. And we give some attacks on these anomalies.
- S. Dietrich. A Formal Analysis of the Secure Sockets Layer Protocol. PhD thesis, Dept. Mathematics and Computer Science, Adelphi University, April 1997.Google Scholar
- Alan O. freier, Philip Karlton and Paul C. Kocher. The SSL version 3.0, Internet-draft, Netscape Communications, 18.11.1996.Google Scholar
- J. C. Mitchell, V. Shmatikov, U. Stern. Finite-State Analysis of SSL 3.0. In 7th USENIX Security Symposium, San Antonio, 1998, pages 201--216. Google ScholarDigital Library
- D. Wagner and B. Schneiner. Analysis of the SSL 3.0 Protocol. In 2nd USENIX Workshop on Elecctronic Commerce, 1996. Revised version of November 19, 1996 available form http://www.cs.berkely.edu/~daw/ssl3.0.ps. Google ScholarDigital Library
- Yuqing ZHANG, Jihong LI and Guozhen XIAO. An approach to the formal verification of the two-party cryptographic protocols. ACM Operating Systems Review, 1999, October, 33(4):48--51. Google ScholarDigital Library
Index Terms
- Running-mode analysis of the Security Socket Layer protocol
Recommendations
Security of Indirect-Authenticated Key Exchange Protocol
IIH-MSP '09: Proceedings of the 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal ProcessingSecurity issues play an important role in modern communication worlds. Via distrusted networks, exchanged messages need to be encrypted by a session key for security requirements. Session keys are preferred to be generated by communication parties, and ...
The Security Analysis on Otway-Rees Protocol Based on BAN Logic
ICCIS '12: Proceedings of the 2012 Fourth International Conference on Computational and Information SciencesThis paper analyzes the Otway-Rees protocol based on BAN logic after has introducing the BAN logic. It has verified that the BAN logic can be used formally and prove the correctness and security of the protocols, which indicates that BAN logic is an ...
The running-mode analysis of two-party optimistic fair exchange protocols
CIS'05: Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part IIIn this paper, we present a method of running-mode to analyze the fairness of two-party optimistic fair exchange protocols. After discussing the premises and assumptions of analysis introduced in this technique, we deduce all the possible running modes ...
Comments