• DocumentCode
    2517463
  • Title

    Demarcation of Security in Authentication Protocols

  • Author

    Ahmed, Naveed ; Jensen, Christian Damsgaard

  • Author_Institution
    Inf. & Math. Modeling, Tech. Univ. of Denmark, Lyngby, Denmark
  • fYear
    2011
  • fDate
    6-6 July 2011
  • Firstpage
    43
  • Lastpage
    50
  • Abstract
    Security analysis of communication protocols is a slippery business, many ``secure´´ protocols later turn out to be insecure. Among many, two complains are more frequent: inadequate definition of security and unstated assumptions in the security model. In our experience, one principal cause for such state of affairs is an apparent overlap of security and correctness, which may lead to many sloppy security definitions and security models. Although there is no inherent need to separate security and correctness requirements, practically, such separation is significant. It makes security analysis easier and enables us to define security goals with a fine granularity. We present one such separation, by introducing the notion of {binding sequence} as a security primitive. A emph{binding sequence}, roughly speaking, is the only required security property of an authentication protocol. All other authentication goals, the correctness requirements, can be derived from the {binding sequence}.
  • Keywords
    cryptographic protocols; authentication protocols; cryptographic protocol; security analysis; Analytical models; Authentication; Concrete; Databases; Mathematical model; Protocols; Correctness; Entity Authentication; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    SysSec Workshop (SysSec), 2011 First
  • Conference_Location
    Amsterdam
  • Print_ISBN
    978-1-4577-1528-0
  • Type

    conf

  • DOI
    10.1109/SysSec.2011.13
  • Filename
    6092762