Formal Analysis of ISO/IEC 9798-2 Authentication Standard using AVISPA

被引：9

作者：

Ziauddin, Sheikh ^{[1
]}

Martin, Bruno ^{[2
]}

机构：

[1] COMSATS Inst Informat Technol, Dept Comp Sci, Pk Rd, Islamabad, Pakistan

[2] Univ Nice Sophia Antipolis, CNRS, I3S UMR 7271, BP 121, F-06903 Sophia Antipolis, France

来源：

2013 EIGHTH ASIA JOINT CONFERENCE ON INFORMATION SECURITY (ASIAJCIS) | 2013年

关键词：

PASSWORD AUTHENTICATION; SCHEME;

D O I：

10.1109/ASIAJCIS.2013.25

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Use of formal methods is considered as a useful and efficient technique for the validation of security properties of the protocols. In this paper, we analyze the protocols of ISO/IEC 9798-2 entity authentication standard using a state-of-the-art tool for automated analysis named AVISPA. Our analysis of the standard using AVISPA's OFMC and CL-AtSe back-ends shows that the two party protocols are secure against the specified security properties while the back-ends are able to find attacks against unilateral and mutual authentication protocols involving a trusted third party.

引用

页码：108 / 114

页数：7

共 50 条

[1] Provably repairing the ISO/IEC 9798 standard for entity authentication
Basin, David
Cremers, Cas
Meier, Simon
[J]. JOURNAL OF COMPUTER SECURITY, 2013, 21 (06) : 817 - 846
[2] Provably Repairing the ISO/IEC 9798 Standard for Entity Authentication
Basin, David
Cremers, Cas
Meier, Simon
[J]. PRINCIPLES OF SECURITY AND TRUST, POST 2012, 2012, 7215 : 129 - 148
[3] Design and Formal Analysis of Electronic Voting Protocol using AVISPA
Oo, Htet Ne
Aung, Aye Moe
[J]. 2017 2ND INTERNATIONAL CONFERENCE FOR CONVERGENCE IN TECHNOLOGY (I2CT), 2017, : 1 - 8
[4] Analysis of the Quality in Use and Greenability with the ISO/IEC 25010 Standard
Hernandez Cruz, Luz Maria
Estrada Segovia, Guadalupe Manuel
Mex Alvarez, Diana Concepcion
Cab Chan, Jose Ramon
Gutierrez Gonzalez, Julio Antonio
Barrera Lao, Francisco Javier
[J]. 2020 15TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI'2020), 2020,
[5] A Gap Analysis of the ISO/IEC 27000 Standard Implementation in Namibia
Tjirare, Diana Jogbeth
Bhunu Shava, Fungai
[J]. 2017 IST-AFRICA WEEK CONFERENCE (IST-AFRICA), 2017,
[6] Implementing ISO/IEC 12207 standard using rational unified process
Reinehr, SS
Balduino, R
Machado, CAF
Pessôa, MS
[J]. SERP'03: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH AND PRACTICE, VOLS 1 AND 2, 2003, : 667 - 680
[7] Using ArchiMate to model ISO/IEC 29110 standard for very small entities
Buchalcevova, Alena
[J]. COMPUTER STANDARDS & INTERFACES, 2019, 65 : 103 - 121
[8] Monitoring the PH and conductivity of dielectric pulps using the ISO and IEC Standard Guidelines
Nogueira, JMF
Freitas, M
Gonçalves, M
[J]. TAPPI JOURNAL, 2003, 2 (03): : 24 - 25
[9] A simple and secure user authentication scheme using Map Street View with usability analysis based on ISO/IEC 25022
Mishra, Kailash Chandra
Dutta, Subrata
[J]. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2023, 22 (02) : 403 - 415
[10] A simple and secure user authentication scheme using Map Street View with usability analysis based on ISO/IEC 25022
Kailash Chandra Mishra
Subrata Dutta
[J]. International Journal of Information Security, 2023, 22 : 403 - 415

← 1 2 3 4 5 →