Automated analysis of diffie-hellman protocols and advanced security properties

Proceedings of the Computer Security Foundations Workshop

Volumn , Issue , 2012, Pages 78-94

  Schmidt, Benedikt ^a   Meier, Simon ^a   Cremers, Cas ^a   Basin, David ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

AUTOMATED ANALYSIS; CONSTRAINT SOLVING; DIFFIE HELLMAN; DIFFIE-HELLMAN PROTOCOL; EXPONENTIATIONS; FIRST-ORDER FORMULAS; GENERAL APPROACH; MULTISET REWRITING; NON-TRIVIAL; NORMAL FORM; SECURITY MODEL; SECURITY PROPERTIES; SECURITY PROTOCOLS; STRAND SPACE; SYMBOLIC ANALYSIS;

ALGORITHMS; FORMAL LOGIC; SECURITY SYSTEMS;

NETWORK SECURITY;

EID: 84866938883     PISSN: 10636900     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2012.25     Document Type: Conference Paper

References (39)

1. B. LaMacchia, K. Lauter, and A. Mityagin, "Stronger security of authenticated key exchange," in Provable Security, ser. LNCS, vol. 4784. Springer, 2007, pp. 1-16.
2. S. Blake-Wilson and A. Menezes, "Unknown Key-Share Attacks on the Station-to-Station (STS) Protocol," in Proceedings of the 2nd International Workshop on Practice and Theory in Public Key Cryptography. Springer, 1999, pp. 154-170.
3. C. Cremers, "Session-StateReveal is stronger than eCK's EphemeralKeyReveal: Using automatic analysis to attack the NAXOS protocol," International Journal of Applied Cryptography (IJACT), vol. 2, pp. 83-99, 2010.
4. K. Lauter and A. Mityagin, "Security analysis of KEA authenticated key exchange protocol," in PKC 2006, ser. LNCS, vol. 3958. Springer, 2006, pp. 378-394.
5. M. Just and S. Vaudenay, "Authenticated multi-party key agreement," in ASIACRYPT 1996, ser. LNCS, vol. 1163. Springer, 1996, pp. 36-49.
6. R. Küsters and T. Truderung, "Using ProVerif to analyze protocols with Diffie-Hellman exponentiation," in Proceedings of the 22nd IEEE Computer Security Foundations Symposium. IEEE Computer Society, 2009, pp. 157-171.
7. Y. Chevalier, R. Küsters, M. Rusinowitch, and M. Turuani, "Deciding the security of protocols with Diffie-Hellman exponentiation and products in exponents," in FSTTCS 2003, ser. LNCS, vol. 2914. Springer, 2003, pp. 124-135.
8. V. Shmatikov, "Decidable analysis of cryptographic protocols with products and modular exponentiation," in Programming Languages and Systems, ser. LNCS. Springer, 2004, vol. 2986, pp. 355-369.
9. C. Lynch and C. Meadows, "Sound approximations to Diffie-Hellman using rewrite rules," in Information and Communications Security, ser. LNCS. Springer, 2004, vol. 3269, pp. 65-70.
10. S. Mödersheim, "Diffie-Hellman without difficulty," in Proceedings of the 8th International Workshop on Formal Aspects of Security & Trust (FAST), 2011.
11. L. Ngo, C. Boyd, and J. Nieto, "Automated proofs for Diffie-Hellman-based key exchanges," in Proceedings of the 23rd IEEE Computer Security Foundations Symposium, 2011, pp. 51-65.
12. B. Blanchet, M. Abadi, and C. Fournet, "Automated verification of selected equivalences for security protocols," Journal of Logic and Algebraic Programming, vol. 75, no. 1, pp. 3-51, 2008.
13. J. Goubault-Larrecq, M. Roger, and K. Verma, "Abstraction and resolution modulo AC: How to verify Diffie-Hellman-like protocols automatically," Journal of Logic and Algebraic Programming, vol. 64, no. 2, pp. 219-251, 2005.
14. S. Escobar, C. Meadows, and J. Meseguer, "State space reduction in the Maude-NRL protocol analyzer," in Computer Security - ESORICS 2008, ser. LNCS. Springer, 2008, vol. 5283, pp. 548-562.
15. D. Basin and C. Cremers, "Modeling and analyzing security in the presence of compromising adversaries," in Computer Security - ESORICS 2010, ser. LNCS, vol. 6345. Springer, 2010, pp. 340-356.
16. -, "Degrees of security: Protocol guarantees in the face of compromising adversaries," in 19th EACSL Annual Conference on Computer Science Logic (CSL), ser. LNCS, vol. 6247. Springer-Verlag, 2010, pp. 1-18.
17. H. Andréka, I. Németi, and J. van Benthem, "Modal languages and bounded fragments of predicate logic," Journal of Philosophical Logic, vol. 27, pp. 217-274, 1998.
18. B. Schmidt, S. Meier, C. Cremers, and D. Basin, "Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties (Extended Version)," April 2012, available http: //www.infsec.ethz.ch/research/ software#TAMARIN.
19. S. Meier and B. Schmidt, "The TAMARIN prover: source code and case studies," April 2012, available http://hackage.haskell. org/package/tamarin-prover-0.4.0.0.
20. H. Krawczyk, "HMQV: A high-performance secure Diffie-Hellman protocol," in Advances in Cryptology-CRYPTO 2005, ser. LNCS, vol. 3621. Springer, 2005, pp. 546-566.
21. C. Cremers, "Examining indistinguishability-based security models for key exchange protocols: the case of CK, CK-HMQV, and eCK," in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security. ACM, 2011, pp. 80-91.
22. I. R. Jeong, J. Katz, and D. H. Lee, "One-round protocols for two-party authenticated key exchange," in Applied Cryptography and Network Security. Springer, 2004, pp. 220-232.
23. F. J. Thayer, J. C. Herzog, and J. D. Guttman, "Strand spaces: Proving security protocols correct," Journal of Computer Security, vol. 7, no. 1, 1999.
24. S. Escobar, R. Sasse, and J. Meseguer, "Folding variant narrowing and optimal variant termination," Rewriting Logic and Its Applications, pp. 52-68, 2010.
25. H. Comon-Lundh and S. Delaune, "The finite variant property: How to get rid of some algebraic properties," Term Rewriting and Applications, pp. 294-307, 2005.
26. L. Law, A. Menezes, M. Qu, J. Solinas, and S. Vanstone, "An efficient protocol for authenticated key agreement," Designs, Codes and Cryptography, vol. 28, pp. 119-134, 2003.
27. E. Clarke, S. Jha, and W. Marrero, "Verifying security protocols with Brutus," ACM Trans. Softw. Eng. Methodol., vol. 9, no. 4, pp. 443-487, 2000.
28. S. Blake-Wilson and A. Menezes, "Authenticated Diffie-Hellman key agreement protocols," in Selected Areas in Cryptography, ser. LNCS. Springer, 1999, vol. 1556, pp. 630-630.
29. I. R. Jeong, J. Katz, and D. H. Lee, "One-round protocols for two-party authenticated key exchange (full)," 2008, http: //www.cs.umd.edu/~jkatz/papers/1round AKE.pdf.
30. SP 800-56B, Special Publication 800-56B, Recommendation for Pair-Wise Key Establishment Schemes using Integer Factorization Cryptography, National Institute of Standards and Technology, August 2009.
31. S. Chatterjee, A. Menezes, and B. Ustaoglu, "A generic variant of NIST's KAS2 key agreement protocol," in Proceedings of the 16th Australasian conference on Information security and privacy (ACISP'11). Springer, 2011, pp. 353-370.
32. R. Corin, A. Saptawijaya, and S. Etalle, "A logic for constraint-based security protocol analysis," in Proceedings of IEEE Symposium on Security and Privacy, S& P 2006, 2006, pp. 155-168.
33. A. Armando, R. Carbone, and L. Compagna, "LTL model checking for security protocols," in Proceedings of the 23rd IEEE Computer Security Foundations Symposium, 2007, pp. 385 - 396.
34. C. Meadows and P. Narendran, "A unification algorithm for the Group Diffie-Hellman protocol," in Proc. of WITS 2002, 2002.
35. D. Kapur, P. Narendran, and L. Wang, "An E-unification algorithm for analyzing protocols that use modular exponentiation," in Rewriting Techniques and Applications. Springer, 2003, pp. 165-179.
36. B. Blanchet, "An efficient cryptographic protocol verifier based on Prolog rules," in Proceedings of the 14th IEEE Computer Security Foundations Workshop. IEEE, 2001, pp. 82-96.
37. C. Cremers, "The Scyther Tool: Verification, falsification, and analysis of security protocols," in Computer Aided Verification (CAV), ser. LNCS, vol. 5123. Springer, 2008, pp. 414-418.
38. D. Song, S. Berezin, and A. Perrig, "Athena: A novel approach to efficient automatic security protocol analysis," Journal of Computer Security, vol. 9, pp. 47-74, 2001.
39. S. Meier, C. Cremers, and D. A. Basin, "Strong invariants for the efficient construction of machine-checked protocol security proofs," in Proceedings of the 23rd IEEE Computer Security Foundations Symposium. IEEE Computer Society, 2010, pp. 231-245.