382 research outputs found

    Automatic Methods for Analyzing Non-Repudiation Protocols with an Active Intruder

    Get PDF
    Non-repudiation protocols have an important role in many areas where secured transactions with proofs of participation are necessary. Formal methods are clever and without error, therefore using them for verifying such protocols is crucial. In this purpose, we show how to partially represent non-repudiation as a combination of authentications on the Fair Zhou-Gollmann protocol. After discussing its limits, we define a new method based on the handling of the knowledge of protocol participants. This method is very general and is of natural use, as it consists in adding simple annotations, like for authentication problems. The method is very easy to implement in tools able to handle participants knowledge. We have implemented it in the AVISPA Tool and analyzed the optimistic Cederquist-Corin- Dashti protocol, discovering two unknown attacks. This extension of the AVISPA Tool for handling non-repudiation opens a highway to the specification of many other properties, without any more change in the tool itself

    Automatic Methods for Analyzing Non-repudiation Protocole with an Active Intruder

    Get PDF
    International audienceNon-repudiation protocols have an important role in many areas where secured transactions with proofs of participation are necessary. Formal methods are clever and without error, therefore using them for verifying such protocols is crucial. In this purpose, we show how to partially represent non-repudiation as a combination of authentications on the Fair Zhou-Gollmann protocol. After discussing the limitations of this method, we define a new one based on the handling of the knowledge of protocol participants. This second method is general and of natural use, as it consists in adding simple annotations in the protocol specification. It is very easy to implement in tools able to handle participants knowledge. We have implemented it in the AVISPA Tool and analyzed the optimistic Cederquist-Corin-Dashti protocol, discovering two attacks. This extension of the AVISPA Tool for handling non-repudiation opens a highway to the specification of many other properties, without any more change in the tool itself

    Study for Automatically Analysing Non-repudiation

    Get PDF
    While security issues such as secrecy and authentication have been studied intensively, most interest in non-repudiation protocols has only come in recent years. Non-repudiation services must ensure that when two parties exchange informations over a network, neither one nor the other can deny having participated in this communication. Consequently a non-repudiation protocol has to generate evidences of participation to be used in the case of a dispute. In this paper, we present a description of non-repudiation services, and illustrate them on the Fair Zhou-Gollmann protocol. Then we show how to define non-repudiation properties with the AVISPA tool and explain how they can be automatically verified

    Electronic negotiation and security of information exchanged in e-commerce

    Full text link
    In settings such as electronic markets where trading partners have conflicting interests and a desire to cooperate, mobile agent mediated negotiation have become very popular. However, agent-based negotiation in electronic commerce involves the exchange of critical and sensitive data that must be highly safeguarded. Therefore, in order to give benefits of quick and safe trading to the trading partners, an approach that secures the information exchanged between the mobile agents during e-Commerce negotiations is needed. To this end, we discuss an approach that we refer to as Multi-Agent Security NEgotiation Protocol (MASNEP). To show that MASNEP protocol is free of attacks and thus the information exchanged throughout electronic negotiation is truly secured, we provide a formal proof on the correctness of the MASNEP.<br /

    Optimistic Non-repudiation Protocol Analysis

    Get PDF
    The original publication is available at www.springerlink.com ; ISBN 978-3-540-72353-0 (Pring) 0302-9743 (Online) 1611-3349International audienceNon-repudiation protocols with session labels have a number of vulnerabilities. Recently Cederquist, Corin and Dashti have proposed an optimistic non-repudiation protocol that avoids altogether the use of session labels. We have specified and analysed this protocol using an extended version of the AVISPA Tool and one important fault has been discovered. We describe the protocol, the analysis method, show two attack traces that exploit the fault and propose a correction to the protocol

    A Survey of Verification Techniques for Security Protocols

    Get PDF
    Security protocols aim to allow secure electronic communication despite the potential presence of eavesdroppers. Guaranteeing their correctness is vital in many applications. This report briefly surveys the many formal specification and verification techniques proposed for describing and analysing security protocols

    Fair Exchange in Strand Spaces

    Full text link
    Many cryptographic protocols are intended to coordinate state changes among principals. Exchange protocols coordinate delivery of new values to the participants, e.g. additions to the set of values they possess. An exchange protocol is fair if it ensures that delivery of new values is balanced: If one participant obtains a new possession via the protocol, then all other participants will, too. Fair exchange requires progress assumptions, unlike some other protocol properties. The strand space model is a framework for design and verification of cryptographic protocols. A strand is a local behavior of a single principal in a single session of a protocol. A bundle is a partially ordered global execution built from protocol strands and adversary activities. The strand space model needs two additions for fair exchange protocols. First, we regard the state as a multiset of facts, and we allow strands to cause changes in this state via multiset rewriting. Second, progress assumptions stipulate that some channels are resilient-and guaranteed to deliver messages-and some principals are assumed not to stop at certain critical steps. This method leads to proofs of correctness that cleanly separate protocol properties, such as authentication and confidentiality, from invariants governing state evolution. G. Wang's recent fair exchange protocol illustrates the approach
    • …
    corecore