Typing secure implementation of authentication protocols in environments with compromised principals. Issue 11 (11th November 2013)
- Record Type:
- Journal Article
- Title:
- Typing secure implementation of authentication protocols in environments with compromised principals. Issue 11 (11th November 2013)
- Main Title:
- Typing secure implementation of authentication protocols in environments with compromised principals
- Authors:
- Sattarzadeh, Behnam
Fallah, Mehran S. - Abstract:
- <abstract abstract-type="main" id="sec882-abs-0001"> <title>ABSTRACT</title> <p id="sec882-para-0001">Analyzing the executable code, instead of the high‐level model, of security protocols has received attention in recent years. To this end, a number of security type systems have already been proposed. These type systems are sound but incomplete. That is, a well‐typed protocol is certainly secure, whereas no judgment can be made about the protocol whose type‐annotated code is ill typed. In fact, the type‐based analysis of a protocol would have no result unless we are able to find a well‐typed code that represents both the protocol and the attacker's capabilities. As there is a very large space of possible type annotations and adversary models, this requires a profound knowledge of the rationale behind the underlying type system as well as the components of the protocol being analyzed. The problem is aggravated when the protocol runs in environments containing compromised principals. These issues have rendered the use of such type systems somewhat impractical. This paper is an attempt to resolve the problem for authentication protocols in environments containing Dolev–Yao attackers. We concretize our ideas in F5, a security type checker, and suggest effective type annotations and so‐called attacker interfaces representing the capabilities of a general adversary. Copyright © 2013 John Wiley & Sons, Ltd.</p> </abstract>
- Is Part Of:
- Security and communication networks. Volume 7:Issue 11(2014:Nov.)
- Journal:
- Security and communication networks
- Issue:
- Volume 7:Issue 11(2014:Nov.)
- Issue Display:
- Volume 7, Issue 11 (2014)
- Year:
- 2014
- Volume:
- 7
- Issue:
- 11
- Issue Sort Value:
- 2014-0007-0011-0000
- Page Start:
- 1815
- Page End:
- 1830
- Publication Date:
- 2013-11-11
- Subjects:
- Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122 ↗
https://www.hindawi.com/journals/scn/ ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1002/sec.882 ↗
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 3438.xml