Adaptable Authentication Model: Exploring Security with Weaker Attacker Models

Naveed Ahmed, Christian D. Jensen

    Research output: Contribution to journalConference articleResearchpeer-review

    Abstract

    Most methods for protocol analysis classify protocols as “broken” if they are vulnerable to attacks from a strong attacker, e.g., assuming the Dolev-Yao attacker model. In many cases, however, exploitation of existing vulnerabilities may not be practical and, moreover, not all applications may suffer because of the identified vulnerabilities. Therefore, we may need to analyze a protocol for weaker notions of security. In this paper, we present a security model that supports such weaker notions. In this model, the overall goals of an authentication protocol are broken into a finer granularity; for each fine level authentication goal, we determine the “least strongest-attacker” for which the authentication goal can be satisfied. We demonstrate that this model can be used to reason about the security of supposedly insecure protocols. Such adaptability is particularly useful in those applications where one may need to trade-off security relaxations against resource requirements.
    Original languageEnglish
    Book seriesLecture Notes in Computer Science
    Volume6542
    Pages (from-to)234-247
    ISSN0302-9743
    DOIs
    Publication statusPublished - 2011
    EventInternational Symposium on Engineering Secure Software and Systems - Madrid, Spain
    Duration: 9 Feb 201110 Feb 2011
    http://distrinet.cs.kuleuven.be/events/essos/2011/

    Conference

    ConferenceInternational Symposium on Engineering Secure Software and Systems
    CountrySpain
    CityMadrid
    Period09/02/201110/02/2011
    Internet address

    Cite this