Results 1 - 10
of
222
Secure Routing for Mobile Ad Hoc Networks
- MOBILE COMPUTING AND COMMUNICATIONS REVIEW
, 2002
"... For such self-organizing infrastructures as mobile ad hoc
networks , envisioned to operate in an open, collaborative,
and highly volatile environment, the importance of secu-
rity cannot be underrated. The provision of comprehen-
sive secure communication mandates that both route dis-
covery and dat ..."
Abstract
-
Cited by 599 (14 self)
- Add to MetaCart
For such self-organizing infrastructures as mobile ad hoc
networks , envisioned to operate in an open, collaborative,
and highly volatile environment, the importance of secu-
rity cannot be underrated. The provision of comprehen-
sive secure communication mandates that both route dis-
covery and data forwarding be safeguarded. The discussed
here Secure Routing Protocol (SRP) [1] counters malicious
behavior that targets the discovery of topological informa-
tion. The protection of the data transmission is a separate
problem: an intermittently misbehaving attacker could first
comply with the route discovery to make itself part of a
route, and then corrupt the in-transit data. Protection of
data transmission is addressed through our related Secure
Message Transmission Protocol (SMT), which provides a
flexible, end-to-end secure data forwarding scheme that
naturally complement SRP. Here we discuss the design of
SRP only, while SMT is the subject of another publication.
Supporting Trust in Virtual Communities
, 2000
"... At any given time, the stability of a community depends on the right balance of trust and distrust. Furthermore, we face information overload, increased uncertainty and risk taking as a prominent feature of modern living. As members of society, we cope with these complexities and uncertainties by re ..."
Abstract
-
Cited by 402 (8 self)
- Add to MetaCart
(Show Context)
At any given time, the stability of a community depends on the right balance of trust and distrust. Furthermore, we face information overload, increased uncertainty and risk taking as a prominent feature of modern living. As members of society, we cope with these complexities and uncertainties by relying trust, which is the basis of all social interactions. Although a small number of trust models have been proposed for the virtual medium, we find that they are largely impractical and artificial. In this paper we provide and discuss a trust model that is grounded in real-world social trust characteristics, and based on a reputation mechanism, or word-of-mouth. Our proposed model allows agents to decide which other agents' opinions they trust more and allows agents to progressively tune their understanding of another agent's subjective recommendations.
Valuation of Trust in Open Networks
, 1994
"... . Authentication in open networks usually requires participation of trusted entities. Many protocols allow trust to be obtained by recommendation of other entities whose recommendations are known to be reliable. To consider an entity as being trustworthy, especially if there have been several mediat ..."
Abstract
-
Cited by 235 (0 self)
- Add to MetaCart
. Authentication in open networks usually requires participation of trusted entities. Many protocols allow trust to be obtained by recommendation of other entities whose recommendations are known to be reliable. To consider an entity as being trustworthy, especially if there have been several mediators or contradicting recommendations, it is necessary to have a means of estimating its trustworthiness. In this paper we present a method for the valuation of trustworthiness which can be used to accept or reject an entity as being suitable for sensitive tasks. It constitutes an extension of the work of Yahalom, Klein and Beth ([YKB93]). Keywords: Trust values, Trust measures, Distributed systems 1 Introduction Communication in open networks often requires information about the trustworthiness of the participating entities, especially when authentication protocols need to be performed. If, for example, user A receives a message signed allegedly by user B without having B's verification dat...
A Semantic Model for Authentication Protocols
, 1993
"... We specify authentication protocols as formal objects with precise syntax and semantics, and define a semantic model that characterizes protocol executions. We have identified two basic types of correctness properties, namely, correspondence and secrecy, that underlie the correctness concerns of aut ..."
Abstract
-
Cited by 175 (3 self)
- Add to MetaCart
We specify authentication protocols as formal objects with precise syntax and semantics, and define a semantic model that characterizes protocol executions. We have identified two basic types of correctness properties, namely, correspondence and secrecy, that underlie the correctness concerns of authentication protocols. We define assertions for specifying these properties, and a formal semantics for their satisfaction in the semantic model. The Otway-Rees protocol is used to illustrate the semantic model and the basic correctness properties. 1 Introduction Authentication is a fundamental concern in the design of secure distributed systems [14, 25]. In distributed systems, authentication is typically carried out by protocols, called authentication protocols. The primary goal of an authentication protocol is to establish the identities of the parties (referred to as principals in the security literature) who participate in the protocol. Many authentication protocols, however, also acc...
A Taxonomy of Replay Attacks
- In Proceedings of the 7th IEEE Computer Security Foundations Workshop
, 1994
"... This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination. The taxonomy is independent of any method used to analyze or prevent such attacks. It is also complete in the sense that any replay attack is composed entirely of elements classifi ..."
Abstract
-
Cited by 107 (1 self)
- Add to MetaCart
(Show Context)
This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination. The taxonomy is independent of any method used to analyze or prevent such attacks. It is also complete in the sense that any replay attack is composed entirely of elements classified by the taxonomy. The classification of attacks is illustrated using both new and previously known attacks on protocols. The taxonomy is also used to discuss the appropriateness of particular countermeasures and protocol analysis methods to particular kinds of replays. Introduction Cryptographic protocols employ cryptography to achieve some security function. But, for many of these protocols the structure, hence the security, of the employed cryptographic algorithms is not considered to be part of the protocol itself. These algorithms are generically represented by notation capturing only gross features, e.g., whether the algorithm is for public or shared keys, whether it produces a hash...
Formal Verification of Cryptographic Protocols: A Survey
, 1995
"... In this paper we give a survey of the state of the art in the application of formal methods to the analysis of cryptographic protocols. We attempt to outline some of the major threads of research in this area, and also to document some emerging trends. ..."
Abstract
-
Cited by 105 (1 self)
- Add to MetaCart
(Show Context)
In this paper we give a survey of the state of the art in the application of formal methods to the analysis of cryptographic protocols. We attempt to outline some of the major threads of research in this area, and also to document some emerging trends.
Athena: a new efficient automatic checker for security protocol analysis
- In Proceedings of the Twelth IEEE Computer Security Foundations Workshop
, 1999
"... We propose an efficient automatic checking algorithm, Athena, for analyzing security protocols. Athena incorporates a logic that can express security properties including authentication, secrecy and properties related to electronic commerce. We have developed an automatic procedure for evaluating we ..."
Abstract
-
Cited by 92 (1 self)
- Add to MetaCart
(Show Context)
We propose an efficient automatic checking algorithm, Athena, for analyzing security protocols. Athena incorporates a logic that can express security properties including authentication, secrecy and properties related to electronic commerce. We have developed an automatic procedure for evaluating well-formed formulae in this logic. For a well-formed formula, if the evaluation procedure terminates, it will generate a counterexample if the formula is false, or provide a proof if the formula is true. Even when the procedure does not terminate when we allow any arbitrary configurations of the protocol execution, (for example, any number of initiators and responders), termination could be forced by bounding the number of concurrent protocol runs and the length of messages, as is done in most existing model checkers. Athena also exploits several state space reduction techniques. It is based on an extension of the recently proposed Strand Space Model [25] which captures exact causal relation information. Together with backward search and other techniques, Athena naturally avoids the state space explosion problem commonly caused by asynchronous composition and symmetry redundancy. Athena also has the advantage that it can easily incorporate results from theorem proving through unreachability theorems. By using the unreachability theorems, it can prune the state space at an early stage, hence, reduce the state space explored and increase the likely-hood of termination. As shown in our experiments, these techniques dramatically reduce the state space that needs to be explored.
Applying Formal Methods to the Analysis of a Key Management Protocol
- Journal of Computer Security
, 1992
"... In this paper we develop methods for analyzing key management and authentication protocols using techniques developed for the solutions of equations in a term rewriting system. In particular, we describe a model of a class of protocols and possible attacks on those protocols as term rewriting system ..."
Abstract
-
Cited by 89 (10 self)
- Add to MetaCart
(Show Context)
In this paper we develop methods for analyzing key management and authentication protocols using techniques developed for the solutions of equations in a term rewriting system. In particular, we describe a model of a class of protocols and possible attacks on those protocols as term rewriting systems, and we also describe a software tool based on a narrowing algorithm that can be used in the analysis of such protocols. We formally model a protocol and describe the results of using these techniques to analyze security properties. We show how a security flaw was found, and we also describe the verification of a corrected scheme using these techniques. 1 Introduction It is difficult to be certain whether or not a cryptographic protocol satisfies its requirements. In a number of cases subtle security flaws have been found in protocols some time after they were published. These flaws were independent of the strengths or weakness of the cryptographic algorithms used. Examples include the N...
Athena: a novel approach to efficient automatic security protocol analysis
- Journal of Computer Security
, 2001
"... protocol analysis ..."
(Show Context)
