Timed Analysis of Security Protocols

R.J. Corin, Sandro Etalle, Pieter H. Hartel, Angelika H. Mader

    Research output: Contribution to journalArticleProfessional

    5 Citations (Scopus)
    11 Downloads (Pure)

    Abstract

    We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.
    Original languageUndefined
    Pages (from-to)619-645
    Number of pages27
    JournalJournal of computer security
    Volume15
    Issue number6
    DOIs
    Publication statusPublished - 2007

    Keywords

    • METIS-241545
    • EWI-673
    • SCS-Cybersecurity
    • IR-63382

    Cite this