Entity Authentication:Analysis using Structured Intuition

Naveed Ahmed, Christian D. Jensen

    Research output: Chapter in Book/Report/Conference proceedingConference abstract in proceedingsResearchpeer-review


    In this paper, we propose a new method for the analysis that uses intuition of the analyst in a structured way. First we define entity authentication in terms of fine level authentication goals (FLAGs). Then we use some relevant structures in protocol narrations and use them to justify FLAGs for the protocol. All along this process, we discover vulnerabilities and unstated assumptions of the protocol. As the method is intuition based, the quality of results depends on the expertise of the security analyst, however, the structured intuition has two major advantages: Firstly we get a precise specification of security in terms of FLAGs; and secondly the outcome can be used to transform basic protocol narrations into more detailed specifications, which makes a subsequent formal analysis much more meaningful.
    Original languageEnglish
    Title of host publicationTechnical Report on NODES10 Proceedings
    Publication date2010
    Publication statusPublished - 2010
    Event4th Nordic Workshop on Dependability and Security - Copenhagen, Denmark
    Duration: 22 Apr 201023 Apr 2010
    Conference number: 4


    Conference4th Nordic Workshop on Dependability and Security


    Dive into the research topics of 'Entity Authentication:Analysis using Structured Intuition'. Together they form a unique fingerprint.

    Cite this