Security Protocol Design via Authentication Tests.

We describe a protocol design process, and illustrate its use by creating ATSPECT, an Authentication Test-based Secure Protocol for Electronic Commerce Transactions. ... The design process is organized around the authentication tests, a method for protocol verification based on the strand space theory. ... David Basin challenged me to use the authentication test heuristics for the design of a better, simpler electronic commerce protocol. ...

doi:10.1109/csfw.2002.1021809 dblp:conf/csfw/Guttman02 fatcat:xfeb6dk7vzgntensueonx74bye

Only a few private SCADA protocols have advanced level of built-in security features, such as message authentication, since most of these protocols were designed primarily to maximize performance, reliability ... Hardly any open protocol has built-in security feature since open protocols were designed much before the 9/11 attacks in New York. ...

doi:10.1145/1538788.1538820 fatcat:74ssjqgd6ndvpgfanrc6slqlnu

The system enforces the authentication protocol, includes error detection, and handles multiple devices according to their Operating Systems (OS) through their connections/ disconnections. ... It makes the connection faster than manual authentication and facilitates Machine-to-Machine (M2M) secure interactions, as required for IoT. ... It implements a star topology, and all the devices follow the authentication protocol. The sensors or peripherals can be connected to the gateway via a wired or wireless link. ...

doi:10.20532/cit.2018.1004174 fatcat:ich3rhw3ebbu3l3k2lf3mjfy34

DOAJ OJS Szczepanski

This paper presents a tool that leverages on existing design verification and security testing techniques, and extends them to support developers in analyzing security protocols. ... However, none of the existing security testing techniques provides the features, scalability, and usability to support developers in assessing the security of protocol configurations and deviations. ... In conclusion, we presented a model-driven security analysis and testing tool. It supports the evaluation of the impact of implementation decisions and protocol configurations. ...

doi:10.1007/978-3-642-41707-8_19 fatcat:t7i4lj7tlrak5ieqzjo7dyuhle

This paper presents a case study of security protocol design: authentication of binding updates in Mobile IPv6. ... We go step by step through the threat analysis and show how each threat is addressed in the protocol design. ... The protocol design is unusual and it would not be considered secure by the measures of traditional security protocol analysis. ...

doi:10.1007/978-3-540-39871-4_18 fatcat:hte257y76vautio7uec7xhwjgq

Mobile IPv6 is a network-layer mobility protocol for the IPv6 Internet. The protocol includes several security mechanisms, such as the return-routability tests for the care-of addresses. ... This paper explains the threat model and design principles that motivated the Mobile IPv6 security features. ... The protocol design is unusual and it would not be considered secure by the measures of traditional security protocol analysis. ...

doi:10.1007/bf03219911 fatcat:kc26pffkibh45euukmi7cezjwa

The security features leverage X.509v3 digital certificates for authentication of the server and client. ... Unfortunately, Modbus lacks basic security mechanisms, and this leads to multiple vulnerabilities, due to both design and implementation. ... that Modbus security problems are related to the protocol design. ...

doi:10.3390/s19204455 pmid:31615147 pmcid:PMC6832255 fatcat:4mjc2xgke5ddnch677pad5zkry

DOAJ

applying the SIGMAC compiler to Π results in a provably secure mutually authenticated KE protocol. ... Our work is motivated in part by the ongoing work on the design of TLS 1.3, specifically the design of the client authentication mechanisms including the challenging case of post-handshake authentication ... Then, Π is secure according to the (mutual authentication) ACCE model. Acknowledgment. ...

doi:10.1145/2976749.2978325 dblp:conf/ccs/Krawczyk16 fatcat:ryymwghsunhx5hpru3cjw3qcza

Some recommendations such as proper security plan, security polices, usage of authentication protocols, password management, remote access through security protocol (VPN, PKI and encryption), wireless ... In proposed study, based on existing security analysis of SCADA systems, the security implementation via cryptography mechanism has been placed between SCADA nodes during transmission of bytes. ... Distribute network protocol (DNP3) and other SCADA protocols, and their communication are fully supported by Test Harness simulation tool. ...

doi:10.1109/icact.2015.7224821 fatcat:zozejafx2vawbmfqobdos2v7am

We also designed and tested a simple random number generator suitable for sensor platforms. ... A notable feature of the proposed "public key"-based key deployment protocol is that it is designed to be secure in a very strong attacker model, where an attacker can eavesdrop, jam and modify transmitted ... Our "public key" -based protocol is designed to be secure in this very strong attacker model. ...

doi:10.1007/978-3-642-05284-2_13 fatcat:vqytfia5dnaubp34ycohgizega

constructs -such as Extensible Authentication Protocol (EAP) for Transport layer Security (TLS).In our analysis, we identify essential elements, model and verify the EAP -TLS protocol using SPIN. ... It will evidently provide an insight into the scope and utility of formal methods based on state space exploration in testing larger and complex systems, for example, the complete Wireless LAN authentication ... Since the design of a secure key management protocol is non-trivial, it is desirable to avoid creating new mechanisms for this. ...

doi:10.1109/icste.2010.5608759 fatcat:ikashat3sne27pvmabsrsxmkyq

Authentication in public spaces, such as ATM PIN entry, is inherently susceptible to security attacks based on observation in person or via cameras. ... This paper addresses this problem with a system which allows users to enter a PIN on a standard mobile phone and then transmit it securely for authentication using modulated patterns of light shown on ... In fact, early tests of the 4bit protocol using MD5 128-bit encryption show unchanged error rates but lengthier authentication times (of 5.3 seconds). ...

doi:10.1145/2071536.2071542 dblp:conf/ozchi/BianchiOK11 fatcat:qivm7fxmxjex3fmtzy6fabvgli

Furthermore, authenticating both IPv4 and IPv6 increases the traceability of traffic logs when security attacks occur. ... The proposed authentication system resolves the inconvenience of separate IPv4 and IPv6 authentication and effectively improves the compatibility of the two protocols. ... This article was presented in part at the Fourth International Symposium on Mobile Internet Security, Taichung, Taiwan, October 2019. ...

doi:10.1109/access.2020.2974659 fatcat:czhwkcbmhfczvbhqxs7cs7omba

DOAJ

here); and (ii) the definition allows for simple modular proofs of security: one can design and prove security of key-exchange protocols in an idealized model where the communication links are perfectly ... We exemplify the usability of our results by applying them to obtain the proof of two classes of key-exchange protocols, Diffie-Hellman and key-transport, authenticated via symmetric or asymmetric techniques ... The other central goal of the paper is in simplifying the usability of the resultant security definitions via a modular approach to the design and analysis of ke protocols. ...

doi:10.1007/3-540-44987-6_28 fatcat:3dgqlk7rmzh6hgair42kimnwbm

Authentication Test is a new type of analysis and design method of security protocols based on Strand space model, and it can be used for most types of the security protocols. ... To the problem of many recently proposed RFID authentication protocol was soon find security holes, we analyzed the main reason, which is that protocol design is not rigorous, and the correctness of the ... Acknowledgements This work was supported in part by a grant from 2013 Yancheng industrial supporting projects (The application security of RFID technology in the emerging industry, the intelligent management ...

doaj:900d220a36d548f294bdf6f148fd8e0a fatcat:la4ytatuafb73gnpalygd4p7lq

DOAJ

Security protocol design via authentication tests

Preserved Fulltext

Improving the cyber security of SCADA communication networks

Preserved Fulltext

Multi-point Security by a Multiplatform-compatible Multifunctional Authentication and Encryption Board

Preserved Fulltext

A Tool for Supporting Developers in Analyzing the Security of Web-Based Security Protocols [chapter]

Preserved Fulltext

Mobile IPv6 Security [chapter]

Preserved Fulltext

Designing the mobile IPv6 security protocol

Preserved Fulltext

A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach

Preserved Fulltext

A Unilateral-to-Mutual Authentication Compiler for Key Exchange (with Applications to Client Authentication in TLS 1.3)

Preserved Fulltext

A SCADA intermediate simulation platform to enhance the system security

Preserved Fulltext

Multichannel Protocols for User-Friendly and Scalable Initialization of Sensor Networks [chapter]

Preserved Fulltext

Modeling and verification of Extensible Authentication Protocol for Transport layer Security in Wireless LAN environment

Preserved Fulltext

Using mobile device screens for authentication

Preserved Fulltext

Dual-stack Network Management Through One-time Authentication Mechanism

Preserved Fulltext

Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels [chapter]

Preserved Fulltext

Authentication Test-Based the RFID Authentication Protocol with Security Analysis

Preserved Fulltext