nach oben

International Journal of Information Security

Erschienen in:

17.02.2016 | Special Issue Paper

Measuring protocol strength with security goals

verfasst von: Paul D. Rowe, Joshua D. Guttman, Moses D. Liskov

Erschienen in: International Journal of Information Security | Ausgabe 6/2016

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Flaws in published standards for security protocols are found regularly, often after systems implementing those standards have been deployed. Because of deployment constraints and disagreements among stakeholders, different fixes may be proposed and debated. In this process, security improvements must be balanced with issues of functionality and compatibility. This paper provides a family of rigorous metrics for protocol security improvements. These metrics are sets of first-order formulas in a goal language \(\mathcal {GL}(\varPi )\) associated with a protocol \(\varPi \). The semantics of \(\mathcal {GL}(\varPi )\) is compatible with many ways to analyze protocols, and some metrics in this family are supported by many protocol analysis tools. Other metrics are supported by our Cryptographic Protocol Shapes Analyzer cpsa. This family of metrics refines several “hierarchies” of security goals in the literature. Our metrics are applicable even when, to mitigate a flaw, participants must enforce policies that constrain protocol execution. We recommend that protocols submitted to standards groups characterize their goals using formulas in \(\mathcal {GL}(\varPi )\), and that discussions comparing alternative protocol refinements measure their security in these terms.

Vorheriger Artikel Message from the guest editors

Nächster Artikel Secure modular password authentication for the web using channel bindings

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

We use the terminology of Cremers and Mauw’s [12] instead of [24] because it makes finer distinctions that are useful for our purposes.

Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: 28th ACM Symposium on Principles of Programming Languages (POPL ’01), pp. 104–115 (January 2001)

Almousa, O., Mödersheim, S.A., Modesti, P., Viganò, L.: Typing and compositionality for security protocols: a generalization to the geometric fragment. In: ESORICS, LNCS Springer, (September 2015)

Basin, David A., Cremers, Cas, Meier, Simon: Provably repairing the ISO/IEC 9798 standard for entity authentication. J. Comput. Secur. 21(6), 817–846 (2013)CrossRefMATH

Basin, D.A., Cremers, C.J.F.: Modeling and analyzing security in the presence of compromising adversaries. In: Computer Security–ESORICS, pp. 340–356. Springer, Berlin, Heidelberg (2010)

Basin, David A., Cremers, Cas J.F., Miyazaki, Kunihiko, Radomirovic, Sasa, Watanabe, Dai: Improving the security of cryptographic protocol standards. IEEE Secur. Priv. 13(3), 24–31 (2015)CrossRef

Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Advances in Cryptology–CRYPTO’93, pp. 232–249. Springer, Berlin, Heidelberg (1993)

Bhargavan, K., Delignat-Lavaud, A., Fournet, C., Pironti, A., Strub, P.-Y.: Triple handshakes and cookie cutters: breaking and fixing authentication over TLS. In: IEEE Symposium on Security and Privacy (2014)

Blanchet, B.: An efficient protocol verifier based on Prolog rules. In: 14th Computer Security Foundations Workshop, pp. 82–96. IEEE CS Press (June 2001)

Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Eurocrypt, LNCS, pp. 453–474. Springer (2001)

10.

Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Eurocrypt, LNCS, pp. 337–351. Springer (2002)

11.

Cervesato, Iliano, Jaggard, Aaron D., Scedrov, Andre, Tsay, Joe-Kai, Walstad, Christopher: Breaking and fixing public-key Kerberos. Inf. Comput. 206(2–4), 402–424 (2008)MathSciNetCrossRefMATH

12.

Cremers, Cas, Mauw, Sjouke: Operational Semantics and Verification of Security Protocols. Springer, Berlin (2012)CrossRefMATH

13.

Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard), Updated by RFCs 5746, 5878, 6176 (August 2008)

14.

Dougherty, D.J., Guttman, J.D.: Decidability for lightweight Diffie–Hellman protocols. In: IEEE Symposium on Computer Security Foundations (2014)

15.

Durgin, Nancy, Lincoln, Patrick, Mitchell, John, Scedrov, Andre: Multiset rewriting and the complexity of bounded security protocols. J. Comput. Secur. 12(2), 247–311 (2004). (Initial version appeared in Workshop on Formal Methods and Security Protocols, 1999)CrossRef

16.

Escobar, S., Meadows, C., Meseguer, J.: Maude-NPA: cryptographic protocol analysis modulo equational properties. Found. Secur. Anal. Des. V, 1–50 (2009)

17.

Guttman, J.D.: Shapes: surveying crypto protocol runs. In Veronique Cortier and Steve Kremer, editors, Formal Models and Techniques for Analyzing Security Protocols, Cryptology and Information Security Series. IOS Press, Amsterdam (2011)

18.

Guttman, Joshua D.: State and progress in strand spaces: proving fair exchange. J. Autom. Reason. 48(2), 159–195 (2012)MathSciNetCrossRefMATH

19.

Guttman, Joshua D.: Establishing and preserving protocol security goals. J. Comput. Secur. 22(2), 201–267 (2014)CrossRef

20.

Guttman, J.D., Liskov, M.D., Rowe, P.D.: Security goals and evolving standards. In: Security Standardisation Research, pp. 93–110. Springer (2014)

21.

ISO/IEC IS 9798–2: Entity authentication mechanisms—part 2: entity authentication using symmetric encipherment algorithms (1993)

22.

International Organization for Standardization: ISO/IEC 29128: Information technology—security techniques—verification of cryptographic protocols (2011)

23.

Liu, C., Singhal, A., Wijesekera, D.: A model towards using evidence from security events for network attack analysis. In: WOSIS 2014—Proceedings of the 11th International Workshop on Security in Information Systems, Lisbon, Portugal, 27 April, 2014 pp. 83–95 (2014)

24.

Lowe, G.: A hierarchy of authentication specification. In: 10th Computer Security Foundations Workshop Proceedings, pp. 31–43. IEEE CS Press (1997)

25.

Luce, R.D., Suppes, P.: Measurement, theory of Encyclopedia Britannica. 15th edn (11), pp. 739–745 (1974)

26.

Martin, R.A.: Making security measurable and manageable. In: MILCOM 2008 (November 2008)

27.

Meadows, C.: The NRL protocol analyzer: an overview. J. Log. Program. 26(2), 113–131 (1996)CrossRefMATH

28.

Neuman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication Service (V5). RFC 4120 (Proposed Standard), (July 2005). Updated by RFCs 4537, 5021, 5896, 6111, 6112, 6113, 6649, 6806

29.

Ramsdell, J.D., Dougherty, D.J., Guttman, J.D., Rowe, P.D.: A hybrid analysis for security protocols with state In: Integrated Formal Methods, pp. 272–287. Springer International Publishing (2014). http://dx.doi.org/10.1007/978-3-319-10181-1_17

30.

Ramsdell, J.D., Guttman, J.D.: CPSA: a cryptographic protocol shapes analyzer (2009). http://hackage.haskell.org/package/cpsa

31.

Rescorla, E., Ray, M., Dispensa, S., Oskov, N.: Transport Layer Security (TLS) Renegotiation Indication Extension. RFC 5746 (Proposed Standard) (February 2010)

32.

Roscoe, A.W.: Intensional specifications of security protocols, pp. 28–38. In: IEEE Computer Security Foundations, Workshop (1996)

33.

Song, Dawn Xiaodong,: Athena: A new efficient automated checker for security protocol analysis. In: Proceedings of the 12th IEEE Computer Security Foundations Workshop. IEEE CS Press (June 1999)

34.

Sun, K., Jajodia, S., Li, J., Cheng, Y., Tang, W., Singhal, A.: Automatic security analysis using security metrics. In: MILCOM (November 2011)

35.

Thayer, F.Javier, Herzog, Jonathan C., Guttman, Joshua D.: Strand spaces: proving security protocols correct. J. Comput. Secur. 7(2/3), 191–230 (1999)CrossRef

36.

The MITRE Corporation. The common vulnerabilities and exposures (CVE) initiative. http://cve.mitre.org

37.

The MITRE Corporation. The common weakness enumeration (CWE). http://cwe.mitre.org

38.

Woo, T.Y.C., Lam, S.S.: Verifying authentication protocols: Methodology and example. In: Proceedings of International Conference on Network Protocols (October 1993)

39.

Zhu, L., Tung, B.: Public Key Cryptography for Initial Authentication in Kerberos (PKINIT). RFC 4556 (Proposed Standard) (June 2006). Updated by RFC 6112

Titel: Measuring protocol strength with security goals
verfasst von: Paul D. Rowe
Joshua D. Guttman
Moses D. Liskov
Publikationsdatum: 17.02.2016
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security / Ausgabe 6/2016
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-016-0319-z

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 6/2016

Improving the ISO/IEC 11770 standard for key management techniques

Secure modular password authentication for the web using channel bindings

Message from the guest editors

Unpicking PLAID: a cryptographic analysis of an ISO-standards-track authentication protocol

Analyzing proposals for improving authentication on the TLS-/SSL-protected Web