Timed Analysis of Security Protocols

R.J. Corin, Sandro Etalle, Pieter H. Hartel, Angelika H. Mader

    Research output: Contribution to journalArticleProfessional

    4 Citations (Scopus)

    Abstract

    We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.
    Original languageUndefined
    Pages (from-to)619-645
    Number of pages27
    JournalJournal of computer security
    Volume15
    Issue number6
    DOIs
    Publication statusPublished - 2007

    Keywords

    • METIS-241545
    • EWI-673
    • SCS-Cybersecurity
    • IR-63382

    Cite this

    Corin, R.J. ; Etalle, Sandro ; Hartel, Pieter H. ; Mader, Angelika H. / Timed Analysis of Security Protocols. In: Journal of computer security. 2007 ; Vol. 15, No. 6. pp. 619-645.
    @article{d460472c417040119f2b0455f26fe8c7,
    title = "Timed Analysis of Security Protocols",
    abstract = "We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.",
    keywords = "METIS-241545, EWI-673, SCS-Cybersecurity, IR-63382",
    author = "R.J. Corin and Sandro Etalle and Hartel, {Pieter H.} and Mader, {Angelika H.}",
    note = "Imported from DIES",
    year = "2007",
    doi = "10.3233/JCS-2007-15603",
    language = "Undefined",
    volume = "15",
    pages = "619--645",
    journal = "Journal of computer security",
    issn = "0926-227X",
    publisher = "IOS Press",
    number = "6",

    }

    Timed Analysis of Security Protocols. / Corin, R.J.; Etalle, Sandro; Hartel, Pieter H.; Mader, Angelika H.

    In: Journal of computer security, Vol. 15, No. 6, 2007, p. 619-645.

    Research output: Contribution to journalArticleProfessional

    TY - JOUR

    T1 - Timed Analysis of Security Protocols

    AU - Corin, R.J.

    AU - Etalle, Sandro

    AU - Hartel, Pieter H.

    AU - Mader, Angelika H.

    N1 - Imported from DIES

    PY - 2007

    Y1 - 2007

    N2 - We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.

    AB - We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.

    KW - METIS-241545

    KW - EWI-673

    KW - SCS-Cybersecurity

    KW - IR-63382

    U2 - 10.3233/JCS-2007-15603

    DO - 10.3233/JCS-2007-15603

    M3 - Article

    VL - 15

    SP - 619

    EP - 645

    JO - Journal of computer security

    JF - Journal of computer security

    SN - 0926-227X

    IS - 6

    ER -