Prudent engineering practice for cryptographie protocols

IEEE Transactions on Software Engineering

Volumn 22, Issue 1, 1996, Pages 6-15

  Abadi, Martfn ^a,b   Needham, Roger ^a,b  

^a HEWLETT PACKARD COMPANY   (United States)

^b UNIVERSITY OF CAMBRIDGE   (United Kingdom)

Author keywords

Cryptography, authentication, cryptographic protocols, authentication protocols, security

Indexed keywords

EID: 0002885224     PISSN: 00985589     EISSN: None     Source Type: Journal    
DOI: 10.1109/32.481513     Document Type: Article

References (36)

1. M. Abadi, M. Burrows, B. Lampson, and G. Plotkin, "A calculus for access control in distributed systems," ACM Trans. Programming Languages and Systems, vol. 15, no. 4, pp. 706-734, Sept. 1993.
2. S.M. Bellovin and M. Merritt, "Limitations of the Kerberos authentication system," Computer Comm. Review, vol. 20, no. 5, pp. 119-132, Oct. 1990.
3. C. Boyd and W. Mao, "On a limitation of BAN logic," Proc. Advances in Cryptology: Eurocrypt '93, pp. 240-247, Springer-Verlag, 1993.
4. M. Burrows, M. Abadi, and R.M. Needham, "A logic of authentication," Proc. Royal Soc. London A, vol. 426, pp. 233-271, 1989. A preliminary version appeared as Digital Equipment Corporation Systems Research Center report no. 39, Feb. 1989.
5. CCITT. CC1TT Blue Book, Recommendation X.509 and ISO 9594- 8: The Directory-Authentication Framework. Geneva, Mar. 1988.
6. D.E. Denning and G.M. Sacco, "Timestamps in key distribution protocols," CACM, vol. 24, no. 8, pp. 533-536, Aug. 1981.
7. [7J U. Feige, A. Fiat, and A. Shamir, "Zero knowledge proofs of identity," Proc. 19th Ann. ACM Symp. Theory of Computing, pp. 210-217,1987.
8. L. Gong, "A security risk of depending on synchronized clocks," Operating Systems Review, vol. 26, no. 1, pp. 49-54, Jan. 1992.
9. N. Heintze and J.D. Tygar, "Timed models for protocol security," CMU Technical Report CMU-CS-92-100, Jan. 1992.
10. K.E.B. Hickman and T. Elgamal, "The SSL Protocol," Internet Draft, Netscape Communications Corp., version of June 1995. Currently available from http://home.netscape.com/newsref/std/SSL.html.
11. [Ill K.E.B. Hickman, "The SSL protocol," RFC, Netscape Communications Corp., version of Oct. 31,1994.
12. B. Lampson, M. Abadi, M. Burrows, and E. Wobber, "Authentication in distributed systems: Theory and practice," ACM Trans. Computer Systems, vol. 10, no. 4, pp. 265-310, Nov. 1992.
13. A. Liebl. "Authentication in distributed systems: A bibliography," Operating Systems Review, vol. 27, no. 4, pp. 31-41, Oct. 1993.
14. W.P. Lu and M.K. Sundareshan, "Secure communication in internet environments: A hierarchical key management scheme for end-to-end encryption," IEEE Trans. Comm., vol. 37, no. 10, pp. 1,014-1,023, Oct. 1989.
15. W.P. Lu and M.K. Sundareshan, "Enhanced protocols for hierarchical encryption key management for secure communication in internet environments," IEEE Trans. Comm., vol. 40, no. 4, pp. 658- 660, Apr. 1992.
16. W. Mao and C. Boyd, "Towards formal analysis of security protocols," Proc. Computer Security Foundations Workshop VII, pp. 147- 158,1993.
17. G. Medvinsky and B.C. Neuman, "NetCash: A design for practical electronic currency on the internet," Proc. 1993 ACM Conf. Computer and Comm. Security, pp. 102-106.
18. [18J S.P. Miller, B.C. Neuman, J.I. Schiller, and J.H. Saltzer, "Kerberos authentication and authorization system," Project Athena Technical Plan, Section E.2.1, MIT, July 1987.
19. J.H. Moore, "Protocol failures in cryptoSystems," Proc. IEEE, vol. 76, no. 5, pp. 594-602, May 1988.
20. National Bureau of Standards, "Data encryption standard," FIPS Pub. 46, Jan. 1977.
21. R.M. Needham, "Cryptography and secure channels," Distributed Systems, 2nd edition, S. Mullender, éd., pp. 231-241. ACM Press, 1993.
22. R.M. Needham and M.D. Schroeder, "Using encryption for authentication in large networks of computers," CACM, vol. 21, no. 12, pp. 993-999, Dec, 1978.
23. R.M. Needham and M.D. Schroeder, "Authentication revisited," Operating Systems Review, vol. 21, no. 1, p. 7, Jan. 1987.
24. B.C. Neuman and S.G. Stubblebine, "A note on the use of timestamps as nonces/' Operating Systems Review, vol. 27, no. 2, pp. 10-14 Apr. 1993.
25. D. Otway and O. Rees, "Efficient and timely mutual authentication," Operating Systems Review, vol. 21, no. 1, pp. 8-10, Jan. 1987.
26. M.K. Reiter, "A security architecture for fault-tolerant systems," PhD Thesis, Cornell Univ., available as Technical Report 93-1367, Dept. of Computer Science, Cornell Univ., July 1993.
27. R. Rivest, "The MD4 message digest algorithm," Proc. Advances in Cryptology: Crypto '90, pp. 303-311, Springer-Verlag, 1991.
28. R.L. Rivest, A. Shamir, and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems," Comm. ACM, vol. 21, no. 2, pp. 120-126, Feb. 1978.
29. E. Snekkenes, "Roles in cryptographic protocols," Proc. 1992 IEEE Symp. Security and Privacy, pp. 105-119.
30. P. Syverson, "On key distribution protocols for repeated authentication," Operating Systems Review, vol. 27, no. 4, pp. 24-30, Oct. 1993.
31. V. Varadharajan, P. Alien, and S. Black, "An analysis of the proxy problem in distributed systems," Proc. 1991 IEEE Symp. Security and Privacy, pp. 255-275.
32. V.L. Voydock and ST. Kent, "Security mechanisms in high-level network protocols," Computing Surveys, vol. 15, no. 2, pp. 135- 171,1983.
33. E. Wobber, M. Abadi, M. Burrows, and D. Lampson, "Authentication in the Taos operating system," ACM Trans. Computer Systems, vol. 12, no. 1, pp. 3-32, Feb. 1994.
34. T.Y.C. Woo and S.S. Lam, "Authentication for distributed systems," Computer, vol. 25, no. 1, pp. 39-52, Jan. 1992.
35. T.Y.C. Woo and S.S. Lam,. "A lesson on authentication protocol design," Operating Systems Review, vol. 28, no. 3, pp.24-37, July 1994.
36. R. Yahalom, B. Klein, and T. Beth, "Trust relations in secure systems-A distributed authentication perspective," Proc. 1993 IEEE Symp. Security and Privacy, pp. 150-164.