• DocumentCode
    1327960
  • Title

    Formal characterization and automated analysis of known-pair and chosen-text attacks

  • Author

    Stubblebine, Stuart G. ; Meadows, Catherine A.

  • Author_Institution
    CertCo, New York, NY, USA
  • Volume
    18
  • Issue
    4
  • fYear
    2000
  • fDate
    4/1/2000 12:00:00 AM
  • Firstpage
    571
  • Lastpage
    581
  • Abstract
    Formal methods have been successfully applied to exceedingly abstract system specifications to verify high level security properties such as authentication, key exchange, and fail-safe revocation. Furthermore, considerable research exists on evaluating particular ciphers and secure hash functions used to implement high level security properties. However, verifying that less abstract system specifications satisfy low level security properties has been largely impractical. This is evidenced by innumerable system vulnerabilities where high level properties are not attained due to failed assumptions of low level properties. This paper presents ongoing work on investigating known pairs and chosen text using the NRL Protocol Analyzer. We give a formal characterization of known and chosen pairs, and translate it to necessary and sufficiency conditions in the NRL Protocol Analyzer model. It is the first work the authors are aware of automatically discovering known-pair and chosen-text attacks. We describe the use of the analyzer to rediscover attacks, to find new variants of attacks on an early version of the ESP protocol, and to show how our experience in using it has led us to refine our model. This was the first use of the Analyzer to model protocols at such a low level of abstraction.
  • Keywords
    cryptography; formal verification; message authentication; network analysers; ESP protocol; NRL Protocol Analyzer; abstract system specifications; authentication; automated analysis; block ciphers; chosen-text attacks; ciphers; fail-safe revocation; formal characterization; formal methods; high level security properties; key exchange; known-pair attacks; necessary conditions; secure hash functions; sufficiency conditions; Associate members; Authentication; Cryptographic protocols; Cryptography; Dictionaries; Electrostatic precipitators; Formal verification; Privacy; Security;
  • fLanguage
    English
  • Journal_Title
    Selected Areas in Communications, IEEE Journal on
  • Publisher
    ieee
  • ISSN
    0733-8716
  • Type

    jour

  • DOI
    10.1109/49.839933
  • Filename
    839933