Browse > Article

Analyzing and Fixing the Vulnerabilities of ASK Protocol  

Ryu Gab Sang (동신대학교 멀티미디어공학과)
Kim Il Gon (고려대학교 컴퓨터학과)
Kim Hyun Seok (고려대학교 컴퓨터학과)
Lee Ji Yeon (고려대학교 컴퓨터학과)
Kang In Hye (서울시립대학교 컴퓨터학과)
Choi Jin Young (고려대학교 컴퓨터학과)
Publication Information
Journal of KIISE:Information Networking / v.33, no.1, 2006 , pp. 1-8 More about this Journal
Abstract
Security protocols have usually been developed using informal design and verification techniques. However, many security protocols thought to be secure was found to be vulnerable later. Thus, the importance of formal specification and verification for analyzing the safely of protocols is increasing. With the rise of mobile communication networks, various mobile security protocols have been proposed. In this paper, we identify the security weakness of the ASK mobile Protocol using formal verification technique. In addition, we propose a new ASK protocol modifying its vulnerability and verify its robustness.
Keywords
ASK protocol; formal verification; mobile protocol;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M. J. Beller, L. -F. Chang and Y. Yacobi, 'Privacy and authentication on a portable communications system,' Proceedings of the International Computer Symposium, Vol.1, pp.821-829, 1994
2 A. Aziz and W. Diffie, 'Privacy and authentication for wireless local area networks,' IEEE Personal Commun., First Quarter 25 31, 1994   DOI   ScienceOn
3 W. Stallings, NETWORK SECURITY ESSENTIALS : Applications and Standards, Second Edition, page 70, Prentice-Hall, 1999
4 M. Aydos, B. Sunar, and C. K. Koc, 'An elliptic curve cryptography based authentication and key agreement protocol for wireless communication,' presented at the 2nd Int. Workshop Discrete Algorithms and Methods for Mobility, Dallas, TX, Oct. 1998
5 Formal Systems (Europe) Ltd. Failure Divergence Refinement-FDR2 User Manual. 1999
6 C. A. R. Hoare, Communicating Sequential Processes, Prentice-Hall, 1985
7 P. Y. A. Ryan and S. A. Schneider, modelling and analysis of security protocols: the CSP Approach, Addison-Wesley, 2001
8 G. Lowe, 'Casper: A Compiler for the Analysis of Security Protocols,' 10th IEEE Computer Security Foundations Workshop, 1997   DOI
9 A. Roscoe and M. Goldsmith, 'The Perfect Spy for Model-Checking Cryptoprotocols,' Proceedings of the 1997 DIMACS Workshop on Design and Formal Verification of Security Protocols, 1997
10 Z. Dang, 'Using the ASTRAL Model Checker for Cryptographic Protocol Analysis,' Proceedings of the 1997 DIMACS Workshop on Design and Formal Verification of Security Protocols, 1997
11 T. Coffey and R. Dojen, 'Analysis of a mobile communication security protocol,' Proceeding of the 1st international symposium on Information and communication technologies, pp. 322-328, 2003
12 I. G. Kim and J. Y. Choi, 'Formal verification of PAP and EAP- MD5 Protocols in wireless networks : FDR Model Checking,' 18th AINA, pp.264-269, 2004   DOI
13 G. Lowe, 'Breaking and Fixing the Needham-Schroeder Public-Key Protocol,'TACAS 96, pp.147-166, 1996