On-the-fly Trace Generation Approach to the Security Analysis of Cryptographic Protocols: Coloured Petri Nets-based Method

被引:0
|
作者
Permpoontanalarp, Yongyuth [1 ]
Sornkhom, Panupong [1 ]
机构
[1] King Mongkuts Univ Technol Thonburi, Dept Comp Engn, Fac Engn, Log & Secur Lab, Bangkok 10140, Thailand
来源
FUNDAMENTA INFORMATICAE | 2014年 / 130卷 / 04期
关键词
Formal methods for cryptographic protocols; Model checking; Coloured Petri Nets; Petri Nets; TMN PROTOCOL; SPECIFICATION; BREAKING; ATTACK;
D O I
10.3233/FI-2014-999
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Most Petri nets-based methods that have been developed to analyze cryptographic protocols provide the analysis of one attack trace only. Only a few of them offer the analysis of multiple attack traces, but they are rather inefficient. Analogously, the limitation of the analysis of one attack trace occurs in most model checking methods for cryptographic protocols. In this paper, we propose a very simple but practical Coloured Petri nets-based model checking method for the analysis of cryptographic protocols, which overcomes these limitations. Our method offers an efficient analysis of multiple attack traces. We apply our method to two case studies which are TMN authenticated key exchanged protocol and Micali's contract signing protocol. Surprisingly, our simple method is very efficient when the numbers of attack traces and states are large. Also, we find many new attacks in those protocols.
引用
收藏
页码:423 / 466
页数:44
相关论文
共 8 条
  • [1] On-the-Fly Trace Generation Approach to the Security Analysis of the TMN Protocol with Homomorphic Property: A Petri Nets-Based Method
    Permpoontanalarp, Yongyuth
    Changkhanak, Apichai
    [J]. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2012, E95D (01): : 215 - 229
  • [2] On-the-Fly Trace Generation and Textual Trace Analysis and Their Applications to the Analysis of Cryptographic Protocols
    Permpoontanalarp, Yongyuth
    [J]. FORMAL TECHNIQUES FOR DISTRIBUTED SYSTEMS, PROCEEDINGS, 2010, 6117 : 201 - 215
  • [3] Fuzzy coloured petri nets-based method to analyse and verify the functionality of software
    Chavoshi, Mina
    Babamir, Seyed Morteza
    [J]. CAAI TRANSACTIONS ON INTELLIGENCE TECHNOLOGY, 2023, 8 (03) : 863 - 879
  • [4] New approach to cryptographic protocol analysis using coloured Petri nets
    Basyouni, AM
    Tavares, SE
    [J]. 1997 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, CONFERENCE PROCEEDINGS, VOLS I AND II: ENGINEERING INNOVATION: VOYAGE OF DISCOVERY, 1997, : 334 - 337
  • [5] Modelling and Verification of Interorganizational Workflows with Security Constraints: A Petri Nets-Based Approach
    Captarencu, Oana Otilia
    [J]. ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS, CAISE 2012, 2012, 112 : 486 - 493
  • [6] Modeling and analysis of security protocols using role based specifications and Petri nets
    Bouroulet, Roland
    Devillers, Raymond
    Klaudel, Hanna
    Pelz, Elisabeth
    Pommereau, Franck
    [J]. APPLICATIONS AND THEORY OF PETRI NETS, 2008, 5062 : 72 - +
  • [7] Petri nets-based method for operational risk analysis in supply chains based on timeliness and recovery time
    Skorupski, Jacek
    Tubis, Agnieszka A.
    Werbinska-Wojciechowska, Sylwia
    Wroblewski, Adam
    [J]. PROCEEDINGS OF THE INSTITUTION OF MECHANICAL ENGINEERS PART O-JOURNAL OF RISK AND RELIABILITY, 2024, 238 (03) : 523 - 539
  • [8] Modelling and performance analysis of a novel position-based reliable unicast and multicast routing method using Coloured Petri Nets
    Erbas, F
    Kyamakya, K
    Jobmann, K
    [J]. 2003 IEEE 58TH VEHICULAR TECHNOLOGY CONFERENCE, VOLS1-5, PROCEEDINGS, 2003, : 3099 - 3104
1