By Topic

Demarcation of Security in Authentication Protocols

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Naveed Ahmed ; Inf. & Math. Modeling, Tech. Univ. of Denmark, Lyngby, Denmark ; Christian Damsgaard Jensen

Security analysis of communication protocols is a slippery business, many ``secure'' protocols later turn out to be insecure. Among many, two complains are more frequent: inadequate definition of security and unstated assumptions in the security model. In our experience, one principal cause for such state of affairs is an apparent overlap of security and correctness, which may lead to many sloppy security definitions and security models. Although there is no inherent need to separate security and correctness requirements, practically, such separation is significant. It makes security analysis easier and enables us to define security goals with a fine granularity. We present one such separation, by introducing the notion of {binding sequence} as a security primitive. A emph{binding sequence}, roughly speaking, is the only required security property of an authentication protocol. All other authentication goals, the correctness requirements, can be derived from the {binding sequence}.

Published in:

SysSec Workshop (SysSec), 2011 First

Date of Conference:

6-6 July 2011