ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Modelling the relative strength of security protocols
Full text PdfPdf (188 KB)
Source Conference on Computer and Communications Security archive
Proceedings of the 2nd ACM workshop on Quality of protection table of contents
Alexandria, Virginia, USA
SESSION: Network security metrics table of contents
Pages: 45 - 48  
Year of Publication: 2006
ISBN:1-59593-553-3
Authors
Ho Chung  University of Southern California, Los Angeles
Clifford Neuman  University of Southern California, Los Angeles
Sponsors
ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 5,   Downloads (12 Months): 42,   Citation Count: 1
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1179494.1179504
What is a DOI?

ABSTRACT

In this paper, we present a way to think about the relative strength of security protocols using SoS, a lattice-theoretic representation of security strength. In particular, we discuss how the model can be used, present the TLS protocol as a compelling real world example, show how it is modeled, and then explain how lattice-theoretic properties can be used to evaluate security protocols.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
G. Bella. Inductive Verification of Cryptographic Protocols. PhD thesis, Clare College University of Cambridge, 2000.
 
2
Mihir Bellare , Anand Desai , David Pointcheval , Phillip Rogaway, Relations Among Notions of Security for Public-Key Encryption Schemes, Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology, p.26-45, August 23-27, 1998
 
3
S. Bistarelli, G. Bella, and S. Foley. Soft constraints for security. In First International Workshop on Views On Designing Complex Architectures (VODCA), September 2004.
 
4
M. Burrows, M. Abadi, and R. Needham. A logic of authentication. In Proceeding of the Royal Society of London, 1989.
 
5
R. Canetti, C. Meadows, and P. Syverson. Environmental requirements for authentication protocols. In Proceeding of the International Symposium on Software Security, pages 339--355. Springer-Verlag, 2002.
 
6
H. Chung and C. Neuman. Modelling the relative strength of security protocols. Technical Report 06-882, University of Southern California, Computer Science Department, August 2006.
 
7
T. Dierks , C. Allen, The TLS Protocol Version 1.0, RFC Editor, 1999
 
8
Whitfield Diffie , Paul C. Van Oorschot , Michael J. Wiener, Authentication and authenticated key exchanges, Designs, Codes and Cryptography, v.2 n.2, p.107-125, June 1992  [doi>10.1007/BF00124891]
 
9
D. Dolev and A. C. Yao. On the security of public key protocols. In Proceeding of the IEEE 22nd Annual Symposium on Foundations of Computer Science, pages 350--357, 1981.
 
10
F. T. Fábrega, J. Herzog, and J. D. Guttman. Strand spaces: Why is a security protocol correct? In Proceeding of the 16th IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 1998.
 
11
D. Gollmann, What do we mean by entity authentication?, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.46, May 06-08, 1996
 
12
C. He and J. Mitchell. Security analysis and improvements for IEEE 802.11i. In Proceeding of the 12th Annual Network and Distributed System Security Symposium (NDSS'05), 2005.
 
13
K. E. Hickman. The SSL 2.0 protocol. http://wp.netscape.com/eng/security/SSL2.html, January 1995.
 
14
Charlie Kaufman , Radia Perlman , Mike Speciner, Network security: private communication in a public world, Prentice-Hall, Inc., Upper Saddle River, NJ, 1995
 
15
Gavin Lowe, Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR, Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems, p.147-166, March 27-29, 1996
 
16
Gavin Lowe, A Hierarchy of Authentication Specifications, Proceedings of the 10th Computer Security Foundations Workshop (CSFW '97), p.31, June 10-12, 1997
 
17
C. Meadows. Formal methods for cryptographic protocol analysis: Emerging issues and trends. IEEE Journal on Selected Areas in Communication, 21(1):44--54, January 2003.
 
18
Alfred J. Menezes , Scott A. Vanstone , Paul C. Van Oorschot, Handbook of Applied Cryptography, CRC Press, Inc., Boca Raton, FL, 1996
 
19
J. Mitchell, V. Shmatikov, and U. Stern. Finite-state analysis of SSL 3.0. In 7th USENIX Security Symposium, 1998.
 
20
Steve Schneider, Verifying authentication protocols with CSP, Proceedings of the 10th Computer Security Foundations Workshop (CSFW '97), p.3, June 10-12, 1997
 
21
D. Wagner and B. Schneier. Analysis of the SSL 3.0 protocol. In The 2nd USENIX workshop on Electronic Commerce, pages 29--40. USENIX Press, 1996.

CITED BY
Arshad Noor, Identity protection factor (IPF), Proceedings of the 7th symposium on Identity and trust on the Internet, March 04-06, 2008, Gaithersburg, Maryland

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.1 MODELS AND PRINCIPLES

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.8 Performance
          Subjects: Modeling and prediction; Measurements


General Terms:
Security


Keywords:
comparison, cryptographic protocols, lattice, relative strength

Collaborative Colleagues:
Ho Chung: colleagues
Clifford Neuman: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player