Environmental Requirements for Authentication Protocols

Abstract

Most work on requirements in the area of authentication protocols has concentrated on identifying requirements for the protocol without much consideration of context. Little work has concentrated on assumptions about the environment, for example, the applications that make use of authenticated keys. We will show in this paper how the interaction between a protocol and its environment can have a major effect on a protocol. Specifically we will demonstrate a number of attacks on published and/or widely used protocols that are not feasible against the protocol running in isolation (even with multiple runs) but become feasible in some application environments. We will also discuss the tradeoff between putting constraints on a protocol and putting constraints on the environment in which it operates.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2002
Accession Number
ADA464608

Entities

People

  • Catherine Meadows
  • Paul Syverson
  • Ran Canetti

Organizations

  • United States Naval Research Laboratory

Tags

Communities of Interest

  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Agreements
  • Application Protocols
  • Asymetric Encryption
  • Authentication
  • Computer Access Control
  • Computer Communications
  • Cryptography
  • Environment
  • Guarantees
  • Military Research
  • Networks
  • Security
  • Security Protocols
  • Standards

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Systems Analysis and Design