Online citations, reference lists, and bibliographies.

A Hierarchy Of Authentication Specifications

G. Lowe
Published 1997 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
Share
Many security protocols have the aim of authenticating one agent to another. Yet there is no clear consensus in the academic literature about precisely what "authentication" means. We suggest that the appropriate authentication requirement will depend upon the use to which the protocol is put, and identify several possible definitions of "authentication". We formalize each definition using the process algebra CSP, use this formalism to study their relative strengths, and show how the model checker FDR can be used to test whether a system running the protocol meets such a specification.
This paper references
10.1145/381906.381946
Limitations of the Kerberos authentication system
S. Bellovin (1990)
10.1109/CSFW.1996.503688
Intensional specifications of security protocols
A. Roscoe (1996)
10.1007/BF00124891
Authentication and authenticated key exchanges
W. Diffie (1992)
Mechanized Proofs of Security Protocols: Needham-Schroeder with Public Keys
Lawrence Charles Paulson (1997)
Authentication and authenticated key exchanges. Designs, Codes and Cryptography, 2:107{125, 1992. For96] Formal Systems (Europe) Ltd. Failures-Divergence Reenement| FDR 2|User Manual
Dvow92 ] Whitteld (1996)
International Organization for Standardization Information Technology|Security Techniques|entity authentication mechanisms; part 3: Entity authentication mechanisms using a public key algorithm
Iso91a (1991)
Authentication and authenticated key exchanges. Designs, Codes and Cryptography
W Diffie (1992)
Intensional speciication of security protocols
A W Ros (1996)
A logic of authentication A preliminary version appeared as Digital Equipment Corporation Systems
M Burrows (1989)
10.1016/0020-0190(94)00175-X
On the security of SPLICE/AS - The authentication system in WIDE Internet
T. Hwang (1995)
10.1145/77648.77649
A logic of authentication
M. Burrows (1990)
10.1109/CSFW.1996.503701
Some new attacks upon security protocols
G. Lowe (1996)
A lesson on authenticated protocol design
Wl94 ] Thomas Y C Woo (1994)
10.1145/358722.358740
Timestamps in key distribution protocols
D. Denning (1981)
10.1016/0020-0190(95)00144-2
An Attack on the Needham-Schroeder Public-Key Authentication Protocol
G. Lowe (1995)
10.1016/0020-0190(95)00177-E
Two Attacks on Neuman-Stubblebine Authentication Protocols
Tzonelih Hwang (1995)
Using CSP for protocol analysis: the Needham-Schroeder Public-Key Protocol
Steve Schneider (1996)
10.1109/TENCON.1990.152691
Design and implementation of an authentication system in WIDE Internet environment
S. Yamaguchi (1990)
A Family of Attacks upon Authentication Protocols
G. Lowe (1997)
10.1145/24592.24594
Efficient and timely mutual authentication
D. J. Otway (1987)
10.1109/SECPRI.1996.502680
Security properties and CSP
S. Schneider (1996)
Model-checking CSP. In A Classical Mind
A. W. Roscoe (1994)
Model-checking CSP. In A Classical Mind, Essays
A. W. Roscoe (1987)
10.1145/359657.359659
Using encryption for authentication in large networks of computers
R. Needham (1978)
Formal Systems (Europe) Ltd. Failures-Divergence Refinement—FDR 2—User Manual
(1997)
A hierarchy of authentication specifications
G. Lowe (1996)
10.1007/BFb0015258
Programming Satan's Computer
R. Anderson (1995)
10.1145/65000.65002
Integrating security in a large distributed system
M. Satyanarayanan (1989)
10.1109/CSFW.1997.596788
Proving properties of security protocols by induction
Lawrence Charles Paulson (1997)
Model-checking CSP. In A Classical Mind, Essays in Honour of
A W Ros (1994)
Model-checking CSP
A. Roscoe (1994)
10.1145/142854.142872
A nonce-based protocol for multiple authentications
A. Kehne (1992)
10.1145/359576.359585
Communicating sequential processes
C. Hoare (1978)
Model-checking CSP. In A Classical Mind, Essays in Honour of
A W Roscoe (1994)
10.21236/ada463948
A Taxonomy of Replay Attacks
Paul Syverson (1994)
11770-2:1994 \Information technology|Security Techniques|Key management|Part 2: Mechanisms using symmetric techniques
Iso94 ] Iso / Iec Dis (1994)
509. the directory-authentication framework, version 7 On the security of recent protocols Timestamps in key distribution protocols
(1981)
10.1109/49.223869
Systematic Design of a Family of Attack-Resistant Authentication Protocols
R. Bird (1993)
10.1007/3-540-61042-1_43
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
G. Lowe (1996)
10.1109/SECPRI.1996.502668
What do we mean by entity authentication?
D. Gollmann (1996)
Kerberos authentication and authorization system
S. P. Miller (1987)
10.1109/CSFW.1997.596779
Casper: a compiler for the analysis of security protocols
G. Lowe (1997)



This paper is referenced by
10.1007/978-3-642-04444-1_21
Secure Pseudonymous Channels
S. Mödersheim (2009)
10.1007/978-3-540-78636-8_8
Historical Background and Further Reading
Cas J. F. Cremers (2012)
10.1007/978-0-387-88775-3_4
Specification of Security and Dependability Properties
Sigrid Gürgens (2009)
10.1109/INDIN.2017.8104750
Design, verification and implementation of a lightweight remote attestation protocol for process control systems
Béla Genge (2017)
10.1007/978-3-030-19052-1_10
Enrich-by-need Protocol Analysis for Diffie-Hellman (Extended Version)
Moses D. Liskov (2019)
10.3929/ETHZ-A-006775802
On the relationships between models in protocol verification (extended version)
Sebastian Mödersheim (2011)
10.1145/3316615.3316629
Verification of Verifiability of Voting Protocols by Strand Space Analysis
Shigeki Hagihara (2019)
University of Dundee Automated Unbounded Verification of Stateful Cryptographic Protocols with Exclusive
Jannik Dreier (2018)
10.1109/JIOT.2020.2967464
DTLShps: SDN-Based DTLS Handshake Protocol Simplification for IoT
Yan Ma (2020)
10.1145/3133956.3134063
A Comprehensive Symbolic Analysis of TLS 1.3
C. Cremers (2017)
10.1007/978-3-0348-8295-8_17
Authentication-Myths and Misconceptions
D. Gollmann (2001)
10.1007/3-540-45608-2_4
Security Goals: Packet Trajectories and Strand Spaces
J. Guttman (2000)
A Decision Procedure for Structured Cryptographic Protocols
F. Gagnon (2006)
10.1109/CSFW.2005.7
An encapsulated authentication logic for reasoning about key distribution protocols
I. Cervesato (2005)
10.1145/335169.335198
Paradigm shifts in protocol analysis
S. Pancho-Festin (1999)
10.3929/ETHZ-A-006786501
Comparing State Spaces in Automatic Security Protocol Verification
C. Cremers (2007)
10.1016/j.entcs.2005.11.074
On the Relationship Between Web Services Security and Traditional Protocols
E. Kleiner (2005)
Non-Functional Aspects of Wide Area Network Programming
E. Tuosto (2005)
10.1016/S0304-3975(02)00333-X
Typing correspondence assertions for communication protocols
A. Gordon (2003)
10.1145/501983.502009
The faithfulness of abstract protocol analysis: message authentication
J. Guttman (2001)
10.1002/cpe.4868
Testbed evaluation of Lightweight Authentication Protocol (LAUP) for 6LoWPAN wireless sensor networks
Annie Gilda Roselin Arockia Baskaran (2019)
10.1016/j.cose.2008.10.001
Specifying authentication using signal events in CSP
Siraj Ahmed Shaikh (2009)
10.1145/1966913.1966955
Formal modelling and automatic detection of resource exhaustion attacks
Bogdan Groza (2011)
10.1109/SCNS.2016.7870562
A secure cloud-based NFC payment architecture for small traders
Nour El Madhoun (2016)
10.3233/JCS-15769
Abstractions for security protocol verification
Thanh Binh Nguyen (2018)
10.1007/S41980-018-0087-9
An Omniscience-Free Temporal Logic of Knowledge for Verifying Authentication Protocols
S H Yar Ahmadi (2018)
10.1109/CyberC.2014.25
EAC: A Framework of Authentication Property for the IOTs
L. Liu (2014)
10.1109/Cybermatics_2018.2018.00140
AMLT: A Mutual Authentication Scheme for Mobile Cloud Computing
Saurabh Dey (2018)
10.1016/J.COSE.2018.09.018
Formally and practically verifying flow properties in industrial systems
Jannik Dreier (2019)
Untraceable RFID protocols are not trivially composable: Attacks on the revision of EC-RAC
Ton van Deursen (2009)
Authentication Analysis of the 802.11i Protocol
Z. Furqan (2008)
A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols
Y. Chevalier (2004)
See more
Semantic Scholar Logo Some data provided by SemanticScholar