Title :
Extending the Strand Space Method to Verify Kerberos V
Author :
Li, Yongjian ; Pang, Jun
Author_Institution :
Chinese Acad. of Sci., Beijing
Abstract :
In this paper, we present two extensions of the strand space method to model Kerberos V. First, we include time and timestamps to model security protocols with times- tamps: we relate a key to a crack time and combine it with timestamps in order to define a notion of recency. Therefore, we can check replay attacks in this new framework. Second, we extend the classic strand space theory to model protocol mixture. The main idea is to introduce a new relation rarr to model the causal relation between one primary protocol session and one of its following secondary protocol session. Accordingly, we also revisit the definition of unsolicited authentication test. To demonstrate the power of this new theory, we model the Kerberos V protocol, and prove its secrecy and authentication goals. Our framework and the proofs of the example have been mechanized using Isabelle/HOL.
Keywords :
cryptographic protocols; formal verification; message authentication; Isabelle/HOL; Kerberos V protocol; cryptography; formal verification; security protocol; strand space method; unsolicited authentication test; Application software; Authentication; Computer science; Distributed computing; Embedded software; Information security; Laboratories; Protocols; Software safety; Space technology;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2007. PDCAT '07. Eighth International Conference on
Conference_Location :
Adelaide, SA
Print_ISBN :
0-7695-3049-4
DOI :
10.1109/PDCAT.2007.22
