Abstract
We present a reduction semantics for the LySa calculus extended with session information, for modelling cryptographic protocols, and a static analysis for it. If a protocol passes the analysis then it is free of replay attacks and thus preserves freshness. The analysis has been implemented and applied to a number of protocols, including both original and corrected version of Needham-Schroeder protocol. The experiment results show that the analysis is able to capture potential replay attacks.
This work has been partially supported by the project SENSORIA.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abadi, M., Gordon, A.D.: A Calculus for Cryptographic Protocols: The Spi Calculus. Information and Computation 148(1), 1–70 (1999)
Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. IEEE Computer Society Press, Los Alamitos (2001)
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Riis Nielson, H.: Automatic Valication of Protocol Narration. In: Proceeding of Computer Security Foundations Workshop, pp. 126–140. IEEE Press, Los Alamitos (2003)
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Riis Nielson, H.: Static Validation of Security Protocols. Journal of Computer Security 13(3), 347–390 (2005)
Bodei, C., Degano, P., Gao, H., Brodo, L.: Detecting and Preventing Type flaws: a Contro Flow Analysis with tags. In: Proceeding of 5th International Workshop on Security Issues in Concurrency. ENTCS (to appear)
Bugliesi, M., Focardi, R., Maffei, M.: Authenticity by Tagging and Typing. In: Proceeding of 2nd ACM Workshop on Formal Methods in Security Engineering, ACM Press, New York (2004)
Burrows, M., Abadi, M., Needham, R.: A Logic of Authentication. ACM Transactions in Computer Systems 8(1), 18–36 (1990)
Comon-Lundh, H., Cortier, V.: Tree automata with one memory set constraints and cryptographic protocols. Theoretical Computer Science 331(1), 143–214 (2005)
Curti, M., Degano, P., Tatiana Baldari, C.: Causal π-Calculus for Biochemical Modelling. In: Priami, C. (ed.) CMSB 2003. LNCS, vol. 2602, pp. 21–33. Springer, Heidelberg (2003)
Denning, D.E., Maria Sacco, G.: Timestamps in Key Distribution Protocols. Communications of the ACM 24(8), 533–536 (1981)
Dolev, D., Yao, A.C.: On the Security of Public Key Protocols. IEEE TIT, IT 29(12), 198–208 (1983)
Nielson, F., Seidl, H., Riis Nielson, H.: A Succinct Solver for ALFP. Nordic Journal of Computing 9, 335–372 (2002)
Gao, H., Riis Nielson, H.: Analysis of LYSA-calculus with explicit confidentiality annotations. In: Proceeding of Advanced Information Networking and Applications, IEEE Computer Society, Los Alamitos (2006)
Gordon, A.D., Jeffrey, A.: Authenticity by Typing for Security Protocols. In: Proceeding of Computer Security Foundations Symposium, IEEE, Los Alamitos (2001)
Gordon, A.D.: Typing Correspondence Assertions for Communication Protocols. In: Proceeding of Mathematical Foundations of Programming Semantics (2001)
Gordon, A.D., Jeffrey, A.: Types and Effects for Asymmetric Cryptographic Protocols. In: Proceeding of Computer Security Foundations Symposium, IEEE, Los Alamitos (2002)
IEEE Std 802.16e-2005, Standard for Local and metropolitan area networks Part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems Amendment 2: Physical and Medium Access Control Layers for Combined Fixed and Mobile Operation in Licensed Bands and Corrigendum 1, IEEE, New York, USA (2006)
Meadows, C., Syverson, P., Cervesato, I.: Formal Specification and Analysis of the Group Domain of Interpretation Protocol Using NPATRL and the NRL Protocol Analyzer. Journal of Computer Security 12(6), 893–931 (2004)
Millen, J.K.: Term Replacement Algebra for the Interrogator. The MITRE Corporation, MP 97B65 (1997)
Milner, R.: Communicating and mobile systems: the π-calculus. Cambridge University Press, Cambridge (1999)
Needham, R., Schroeder, M.: Using encryption for authentication in large networks of computers. Communications of the ACM 21(12) (December 1978)
Otway, D., Rees, O.: Efficient and Timely Mutual Authentication. Operating Systems Review 21(1), 8–10 (1987)
Paulson, L.C.: Inductive Analysis of the Internet Protocol TLS. ACM Transactions on Computer and System Security 2(3), 332–351 (1999)
Paulson, L.C.: The foundation of a generic theorem prover. Automated Reasoning 5, 363–397 (1989)
Syverson, P.: A Taxonomy of Replay attacks. In: Proceeding of Computer Security Foundations Symposium, IEEE Computer Society Press, Los Alamitos (1994)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gao, H., Bodei, C., Degano, P., Riis Nielson, H. (2007). A Formal Analysis for Capturing Replay Attacks in Cryptographic Protocols. In: Cervesato, I. (eds) Advances in Computer Science – ASIAN 2007. Computer and Network Security. ASIAN 2007. Lecture Notes in Computer Science, vol 4846. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76929-3_15
Download citation
DOI: https://doi.org/10.1007/978-3-540-76929-3_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-76927-9
Online ISBN: 978-3-540-76929-3
eBook Packages: Computer ScienceComputer Science (R0)