A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf
.
Provably Repairing the ISO/IEC 9798 Standard for Entity Authentication
[chapter]
2012
Lecture Notes in Computer Science
We formally analyze the family of entity authentication protocols defined by the ISO/IEC 9798 standard and find numerous weaknesses, both old and new, including some that violate even the most basic authentication guarantees. We analyze the cause of these weaknesses, propose repaired versions of the protocols, and provide automated, machine-checked proofs of their correctness. From an engineering perspective, we propose two design principles for security protocols that suffice to prevent all
doi:10.1007/978-3-642-28641-4_8
fatcat:fderlbru7jhfhkeudaio3zxu6e