Adaptable Authentication Model: Exploring Security with Weaker Attacker Models

Publication: Research - peer-reviewConference article – Annual report year: 2012

Standard

Adaptable Authentication Model: Exploring Security with Weaker Attacker Models. / Ahmed, Naveed; Jensen, Christian D.

In: Lecture Notes in Computer Science, Vol. 6542, 2011, p. 234-247.

Publication: Research - peer-reviewConference article – Annual report year: 2012

Harvard

APA

CBE

MLA

Vancouver

Author

Ahmed, Naveed; Jensen, Christian D. / Adaptable Authentication Model: Exploring Security with Weaker Attacker Models.

In: Lecture Notes in Computer Science, Vol. 6542, 2011, p. 234-247.

Publication: Research - peer-reviewConference article – Annual report year: 2012

Bibtex

@article{e74213d0cef9483d9e83736ae69cf78b,
title = "Adaptable Authentication Model: Exploring Security with Weaker Attacker Models",
publisher = "Springer",
author = "Naveed Ahmed and Jensen, {Christian D.}",
year = "2011",
doi = "10.1007/978-3-642-19125-1_18",
volume = "6542",
pages = "234--247",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",

}

RIS

TY - CONF

T1 - Adaptable Authentication Model: Exploring Security with Weaker Attacker Models

A1 - Ahmed,Naveed

A1 - Jensen,Christian D.

AU - Ahmed,Naveed

AU - Jensen,Christian D.

PB - Springer

PY - 2011

Y1 - 2011

N2 - Most methods for protocol analysis classify protocols as “broken” if they are vulnerable to attacks from a strong attacker, e.g., assuming the Dolev-Yao attacker model. In many cases, however, exploitation of existing vulnerabilities may not be practical and, moreover, not all applications may suffer because of the identified vulnerabilities. Therefore, we may need to analyze a protocol for weaker notions of security. In this paper, we present a security model that supports such weaker notions. In this model, the overall goals of an authentication protocol are broken into a finer granularity; for each fine level authentication goal, we determine the “least strongest-attacker” for which the authentication goal can be satisfied. We demonstrate that this model can be used to reason about the security of supposedly insecure protocols. Such adaptability is particularly useful in those applications where one may need to trade-off security relaxations against resource requirements.

AB - Most methods for protocol analysis classify protocols as “broken” if they are vulnerable to attacks from a strong attacker, e.g., assuming the Dolev-Yao attacker model. In many cases, however, exploitation of existing vulnerabilities may not be practical and, moreover, not all applications may suffer because of the identified vulnerabilities. Therefore, we may need to analyze a protocol for weaker notions of security. In this paper, we present a security model that supports such weaker notions. In this model, the overall goals of an authentication protocol are broken into a finer granularity; for each fine level authentication goal, we determine the “least strongest-attacker” for which the authentication goal can be satisfied. We demonstrate that this model can be used to reason about the security of supposedly insecure protocols. Such adaptability is particularly useful in those applications where one may need to trade-off security relaxations against resource requirements.

U2 - 10.1007/978-3-642-19125-1_18

DO - 10.1007/978-3-642-19125-1_18

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

VL - 6542

SP - 234

EP - 247

ER -