Provably repairing the ISO/IEC 9798 standard for entity authentication

Journal of Computer Security

Volumn 21, Issue 6, 2013, Pages 817-846

  Basin, David ^a   Cremers, Cas ^a   Meier, Simon ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

DESIGN PRINCIPLES; ENGINEERING PERSPECTIVE; ENTITY AUTHENTICATIONS; MACHINE-CHECKED PROOFS; SECURITY PROTOCOLS; SECURITY STANDARDS; VERIFICATION TOOLS; WORKING GROUPS;

NETWORK SECURITY; REPAIR;

MOBILE TELECOMMUNICATION SYSTEMS;

EID: 84892725087     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-130472     Document Type: Article

References (35)

1. M. Abadi and R. Needham, Prudent engineering practice for cryptographic protocols, IEEE Transactions on Software Engineering 22(1) (1996), 6-15. (Pubitemid 126771654)
2. A. Armando and L. Compagna, SAT-based model-checking for security protocols analysis, Int. J. Inf. Sec. 7(1) (2008), 3-32.
3. D. Basin, C. Cremers and C. Meadows, Model checking security protocols, in: Handbook of Model Checking, E. Clarke, T. Henzinger and H. Veith, eds, Springer, 2013, Chapter 24, to appear.
4. K. Bhargavan, C. Fournet, R. Corin and E. Zalinescu, Cryptographically verified implementations for TLS, in: ACM Conference on Computer and Communications Security, ACM, 2008, pp. 459-468.
5. K. Bhargavan, C. Fournet, A.D. Gordon and N. Swamy, Verified implementations of the information card federated identity-management protocol, in: ASIACCS, ACM, 2008, pp. 123-135.
6. R. Canetti and H. Krawczyk, Analysis of key-exchange protocols and their use for building secure channels, in: EUROCRYPT, LNCS, Vol. 2045, Springer, 2001, pp. 453-474. (Pubitemid 33275848)
7. L. Chen and C.J. Mitchell, Parsing ambiguities in authentication and key establishment protocols, Int. J. Electron. Secur. Digit. Forensic 3 (2010), 82-94.
8. C. Cremers, The Scyther Tool: Verification, falsification, and analysis of security protocols, in: Proc. CAV, LNCS, Vol. 5123, Springer, 2008, pp. 414-418, available at: http://people.inf.ethz.ch/cremersc/scyther/.
9. C. Cremers, S. Mauw and E. de Vink, Injective synchronisation: an extension of the authentication hierarchy, Theoretical Computer Science 367 (2006), 139-161. (Pubitemid 44648579)
10. A. Datta, A. Derek, J. Mitchell and D. Pavlovic, Abstraction and refinement in protocol derivation, in: Proc. 17th IEEE Computer Security Foundations Workshop (CSFW), IEEE Comp. Soc., June 2004, pp. 30-45.
11. B. Donovan, P. Norris and G. Lowe, Analyzing a library of security protocols using Casper and FDR, in: Proc. of the Workshop on Formal Methods and Security Protocols, 1999.
12. European Payments Council, Guidelines on algorithms usage and key management, Version 1.1, Technical Report EPC342-08, 2009.
13. J.D. Guttman and F.J. Thayer, Protocol independence through disjoint encryption, in: CSFW, 2000, pp. 24-34.
14. C. He, M. Sundararajan, A. Datta, A. Derek and J.C. Mitchell, A modular correctness proof of IEEE 802.11i and TLS, in: Proc. of the 12th ACM Conference on Computer and Communications Security, CCS'05, ACM, New York, NY, USA, 2005, pp. 2-15. (Pubitemid 44021985)
15. International Organization for Standardization, ISO/IEC 9798-3:1998, Information technology-Security techniques-Entity authentication-Part 3: Mechanisms using digital signature techniques, 2nd edn, Genève, Switzerland, 1998.
16. International Organization for Standardization, ISO/IEC 9798-4:1999, Information technology-Security techniques-Entity authentication-Part 3: Mechanisms using a cryptographic check function, 2nd edn, Genève, Switzerland, 1999.
17. International Organization for Standardization, ISO/IEC 9798-2:2008, Information technology-Security techniques-Entity authentication-Part 2: Mechanisms using symmetric encipherment algorithms, 3rd edn, Genève, Switzerland, 2008.
18. International Organization for Standardization, ISO/IEC 9798-3:1998/Cor.1:2009, Information technology-Security techniques-Entity authentication-Part 3: Mechanisms using digital signature techniques. Technical Corrigendum 1, Genève, Switzerland, 2009.
19. International Organization for Standardization, ISO/IEC 9798-4:1999/Cor.1:2009, Information technology-Security techniques-Entity authentication-Part 3: Mechanisms using a cryptographic check function. Technical Corrigendum 1, Genève, Switzerland, 2009.
20. International Organization for Standardization, ISO/IEC 9798-1:2010, Information technology-Security techniques-Entity authentication-Part 1: General, 3rd edn, Genève, Switzerland, 2010.
21. International Organization for Standardization, ISO/IEC 9798-2:2008/Cor.1:2010, Information technology-Security techniques-Entity authentication-Part 2: Mechanisms using symmetric encipherment algorithms. Technical Corrigendum 1, Genève, Switzerland, 2010.
22. International Organization for Standardization, ISO/IEC 9798-3:1998/Amd.1:2010, Information technology-Security techniques-Entity authentication-Part 3: Mechanisms using digital signature techniques. Amendment 1, Genève, Switzerland, 2010.
23. ITU-T, Recommendation H.235-Security and encryption for H-series (H.323 and other H.245-based) multimedia terminals, 2003.
24. D. Kuhlman, R. Moriarty, T. Braskich, S. Emeott and M. Tripunitara, A correctness proof of a mesh security architecture, in: Proc. of the 2008 21st IEEE Computer Security Foundations Symposium, IEEE Computer Society, 2008, pp. 315-330.
25. G. Lowe, Breaking and fixing the Needham-Schroeder public-key protocol using FDR, in: TACAS'96, LNCS, Vol. 1055, Springer, 1996, pp. 147-166. (Pubitemid 126050413)
26. G. Lowe, A hierarchy of authentication specifications, in: Proc. 10th IEEE Computer Security Foundations Workshop (CSFW), IEEE, 1997, pp. 31-44.
27. S. Matsuo, K. Miyazaki, A. Otsuka and D.A. Basin, How to evaluate the security of real-life cryptographic protocols-The cases of ISO/IEC 29128 and CRYPTREC, in: Financial Cryptography and Data Security, FC 2010 Workshops, RLCPS, WECSR, and WLC 2010, Spain, January 25-28, 2010, Revised Selected Papers, LNCS, Vol. 6054, Springer, 2010, pp. 182-194.
28. C. Meadows, Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer, in: IEEE Symposium on Security and Privacy, 1999, pp. 216-231.
29. C. Meadows, P.F. Syverson and I. Cervesato, Formal specification and analysis of the Group Domain of Interpretation Protocol using NPATRL and the NRL Protocol Analyzer, Journal of Computer Security 12(6) (2004), 893-931. (Pubitemid 41652783)
30. S. Meier, C. Cremers and D. Basin, Efficient construction of machine-checked symbolic protocol security proofs, Journal of Computer Security 21(1) (2013), 41-87.
31. S. Meier, C.J.F. Cremers and D.A. Basin, Strong invariants for the efficient construction of machinechecked protocol security proofs, in: CSF, IEEE Computer Society, 2010, pp. 231-245.
32. A. Menezes, P.V. Oorschot and S. Vanstone, Handbook of Applied Cryptography, 5th edn, CRC Press, 2001.
33. T. Nipkow, L.C. Paulson and M.Wenzel, Isabelle/HOL-A Proof Assistant for Higher-Order Logic, LNCS, Vol. 2283, Springer, 2002.
34. Source code of SCYTHER-PROOF including the models of the repaired ISO/IEC 9798 protocols, March 2013, available at: http://hackage.haskell.org/package/ scyther-proof-0.6.0.0.
35. R. Zuccherato and M. Nystrom, RFC 3163: ISO/IEC 9798-3, Authentication SASL Mechanism, 2001, available at: http://www.rfc-editor.org/info/rfc3163.