Web security: Authentication protocols and their analysis

被引:1
|
作者
Wen, W [1 ]
Mizoguchi, F [1 ]
机构
[1] Tokyo Univ Sci, Noda, Chiba 2788510, Japan
来源
NEW GENERATION COMPUTING | 2001年 / 19卷 / 03期
关键词
internet security; authentication protocol; security protocol analysis;
D O I
10.1007/BF03037600
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Authentication is one of the basic building blocks of computer security. It is achieved through the execution of an authentication protocol between two or more parties. One such protocol, the Secure Socket Layer (SSL) protocol, has become the de facto standard for Web security. This paper provides an overview of results and methods used in analyzing authentication protocols. The aim is to provide a bird's eye view of the assumptions, methods, and results that are available for anyone who is interested in designing new security protocols or applying a new analysis approach. A detailed description of the SSL handshake protocol as well as how changes in environment assumption can lead to unexpected consequences, is provided. A fix to the weakness is also described.
引用
收藏
页码:283 / 299
页数:17
相关论文
共 50 条
  • [31] Security Verification for Authentication and Key Exchange Protocols
    Ota, Haruki
    Kiyomoto, Shinsaku
    Tanaka, Toshiaki
    [J]. 2008 INTERNATIONAL SYMPOSIUM ON INFORMATION THEORY AND ITS APPLICATIONS, VOLS 1-3, 2008, : 507 - 512
  • [32] Scalability and Security Conflict for RFID Authentication Protocols
    Imran Erguler
    Emin Anarim
    [J]. Wireless Personal Communications, 2011, 59 : 43 - 56
  • [33] Overview security analysis of 3G authentication protocols and technical specifications
    Cao, Chenlei
    Zhang, Ru
    Niu, Xinxin
    Zhou, Linna
    Zhang, Zhentao
    [J]. Qinghua Daxue Xuebao/Journal of Tsinghua University, 2009, 49 (SUPPL. 2): : 2193 - 2199
  • [34] Authentication Tests Based on Distributed Temporal Protocol Logic for the Analysis of Security Protocols
    Muhammad, Shahabuddin
    [J]. INFORMATICS ENGINEERING AND INFORMATION SCIENCE, PT I, 2011, 251 : 214 - 228
  • [35] Security Enhanced RFID Authentication Protocols for Healthcare Environment
    Xie, Shaohao
    Zhang, Fangguo
    Cheng, Rong
    [J]. WIRELESS PERSONAL COMMUNICATIONS, 2021, 117 (01) : 71 - 86
  • [36] Security Flaws in Authentication Protocols with Anonymity for Wireless Environments
    Xu, Jing
    Feng, Dengguo
    [J]. ETRI JOURNAL, 2009, 31 (04) : 460 - 462
  • [37] Security of public key certificate based authentication protocols
    Wen, W
    Saito, T
    Mizoguchi, F
    [J]. PUBLIC KEY CRYTOGRAPHY, 2000, 1751 : 196 - 209
  • [38] Compositional analysis of authentication protocols
    Bugliesi, M
    Focardi, R
    Maffei, M
    [J]. PROGRAMMING LANGUAGES AND SYSTEMS, 2004, 2986 : 140 - 154
  • [39] A review of authentication protocols for rfid security on smart healthcare
    Dearfian, Hanif Restu
    Amiruddin, Amiruddin
    [J]. TARUMANAGARA INTERNATIONAL CONFERENCE ON THE APPLICATIONS OF TECHNOLOGY AND ENGINEERING, 2019, 508
  • [40] RFID Mutual Authentication Protocols with Universally Composable Security
    Su, Chunhua
    Li, Yingjiu
    Deng, Robert H.
    [J]. RADIO FREQUENCY IDENTIFICATION SYSTEM SECURITY (RFIDSEC'11), 2011, 6 : 35 - 49
12345