Timed Analysis of Security Protocols

R.J. Corin, Sandro Etalle, Pieter H. Hartel, Angelika H. Mader

    Research output: Book/ReportReportProfessional

    62 Downloads (Pure)

    Abstract

    We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.
    Original languageUndefined
    Place of PublicationEnschede
    PublisherDistributed and Embedded Security (DIES)
    Number of pages30
    Publication statusPublished - Mar 2005

    Publication series

    NameCTIT Technical Report Series
    PublisherUniversity of Twente, Centre for Telematics and Information Technology (CTIT)
    No.TR-CTIT-05-14
    ISSN (Print)1381-3625

    Keywords

    • SCS-Cybersecurity
    • METIS-248113
    • EWI-5744
    • IR-57017

    Cite this

    Corin, R. J., Etalle, S., Hartel, P. H., & Mader, A. H. (2005). Timed Analysis of Security Protocols. (CTIT Technical Report Series; No. TR-CTIT-05-14). Enschede: Distributed and Embedded Security (DIES).
    Corin, R.J. ; Etalle, Sandro ; Hartel, Pieter H. ; Mader, Angelika H. / Timed Analysis of Security Protocols. Enschede : Distributed and Embedded Security (DIES), 2005. 30 p. (CTIT Technical Report Series; TR-CTIT-05-14).
    @book{c36ee436f44145c9ad47c096238e7890,
    title = "Timed Analysis of Security Protocols",
    abstract = "We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.",
    keywords = "SCS-Cybersecurity, METIS-248113, EWI-5744, IR-57017",
    author = "R.J. Corin and Sandro Etalle and Hartel, {Pieter H.} and Mader, {Angelika H.}",
    note = "Imported from CTIT",
    year = "2005",
    month = "3",
    language = "Undefined",
    series = "CTIT Technical Report Series",
    publisher = "Distributed and Embedded Security (DIES)",
    number = "TR-CTIT-05-14",

    }

    Corin, RJ, Etalle, S, Hartel, PH & Mader, AH 2005, Timed Analysis of Security Protocols. CTIT Technical Report Series, no. TR-CTIT-05-14, Distributed and Embedded Security (DIES), Enschede.

    Timed Analysis of Security Protocols. / Corin, R.J.; Etalle, Sandro; Hartel, Pieter H.; Mader, Angelika H.

    Enschede : Distributed and Embedded Security (DIES), 2005. 30 p. (CTIT Technical Report Series; No. TR-CTIT-05-14).

    Research output: Book/ReportReportProfessional

    TY - BOOK

    T1 - Timed Analysis of Security Protocols

    AU - Corin, R.J.

    AU - Etalle, Sandro

    AU - Hartel, Pieter H.

    AU - Mader, Angelika H.

    N1 - Imported from CTIT

    PY - 2005/3

    Y1 - 2005/3

    N2 - We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.

    AB - We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.

    KW - SCS-Cybersecurity

    KW - METIS-248113

    KW - EWI-5744

    KW - IR-57017

    M3 - Report

    T3 - CTIT Technical Report Series

    BT - Timed Analysis of Security Protocols

    PB - Distributed and Embedded Security (DIES)

    CY - Enschede

    ER -

    Corin RJ, Etalle S, Hartel PH, Mader AH. Timed Analysis of Security Protocols. Enschede: Distributed and Embedded Security (DIES), 2005. 30 p. (CTIT Technical Report Series; TR-CTIT-05-14).