By Topic

Analysis of Authentication Protocols Based on Rubin Logic

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Yang Xu ; Sch. of Comput. Sci. & Technol., Guizhou Univ., Guiyang ; Xiaoyao Xie

Authentication protocols are the basis of security in networks. Therefore, it is essential to ensure that these protocols function correctly. However, it is difficult to design authentication protocols that are immune to malicious attack, since good analysis techniques are lacking. BAN-like logic is one of the main techniques for analysis of authentication protocols, but protocols idealization is the fatal weakness of it. In this paper, Rubin logic which is a new technique for analyzing security protocols is introduced. Two examples of Rubin logic's applications are given. First example is the Andrew secure RPC protocol using symmetric keys. The second one is the X.509 authentication protocol using asymmetric keys. Not only are the flaws of the protocols got with BAN logic found, but also some previously unknown flaws are found. With the result of the analysis, the new fixes of the two protocols are presented. These are stunning confirmations of the importance of Rubin logic for analyzing protocols.

Published in:

Wireless Communications, Networking and Mobile Computing, 2008. WiCOM '08. 4th International Conference on

Date of Conference:

12-14 Oct. 2008