http://dx.doi.org/10.3837/tiis.2014.12.021

Analysing the Combined Kerberos Timed Authentication Protocol and Frequent Key Renewal Using CSP and Rank Functions  

Kirsal-Ever, Yoney (Department of Computer Communications Engineering, School of Science and Technology, Middlesex University)
Eneh, Agozie (Department of Computer Science, University of Nigeria)
Gemikonakli, Orhan (Department of Computer Communications Engineering, School of Science and Technology, Middlesex University)
Mostarda, Leonardo (School of Science and Technology, Camerino University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.8, no.12, 2014, pp. 4604-4623
Abstract
Authentication mechanisms coupled with strong encryption techniques are used for network security purposes; however, given sufficient time, well-equipped intruders succeed in compromising system security. Authentication protocols often fail when they are analysed critically, and formal approaches have emerged to analyse protocol failures. In this study, Communicating Sequential Processes (CSP), an abstract language designed especially for the description of communication patterns, is employed. Rank functions are also used for verification and analysis; they help to establish that some critical information is not available to the intruder. To establish this, a value or rank is assigned to each item of critical information, and it is shown that all the critical information that can be generated within the network has a particular characterizing property. This paper presents an application of the rank functions approach to an authentication protocol that combines delaying the decryption process with timed authentication while keys are dynamically renewed under pseudo-secure situations. The analysis and verification of authentication properties and results are presented and discussed.
Keywords
CASPER; CSP; Kerberos; Key-Exchange Protocol; Key Renewal; Network Security; Rank Functions; Timed Authentication Protocols