A New Biometric ID-Based Cryptography Protocol and Security Analysis Using Petri Nets
Summary (2 min read)
Introduction
- Keywords- identity-based cryptosystem; biometrics; security analysis; cryptographic protocol; Petri nets.
- Due to the unique characteristics possessed by cryptographic protocols, analysis and evaluation tend to be more difficult than normal protocols.
- In Section 3, the authors model the client-server trust model using PN.
- Finally, the conclusions are given in Section 6.
B. Review of Proposed Protocl
- In their previous work [12], the authors have developed a new authentication protocol that allows remote mutual authentication with key agreement.
- Moreover, the new protocol is aimed to initiate secure authentication and communication between the client and server by building a robust mechanism between communicating parties.
- The following steps are necessary for the process of modelling: (a) Define the places and transitions and declare their functionalities (b) Implement a token passing scheme once the initial marking is set (c) Assess the model’s behaviour by examining reachability, boundedness, and liveness (d) Validate the model using simulation 2) Add the adversary model.
- The Petri net model in Fig. 2 represents the trust model for the proposed protocol.
- The main goal of the adversary model is to examine the protocol behaviour with the presence of an adversary while modelling attacks.
A. Analysis of Man-in-the-Middle Attack
- An active adversary A can intercept the communication line between a legitimate client and a trusted server as well as manipulate the protocol by using some means to successfully masquerade either as server or client.
- The definitions of the places and transitions used in this model are illustrated in Table 5 and Table 6, respectively.
- The adversary has the ability to control the negotiation between the client and the server.
- In fact, the adversary can clearly modify, substitute or delete all subsequent messages.
B. Analysis of Reflection Attack
- The reflection attack consists of two parties.
- Transitions are used to explicit the client and adversary actions.
- Tokens indicate the progress of the attack.
- Fig. 4 describes the execution of a reflection attack for the proposed protocol with presence of the client and adversary.
- It is obvious that, upon receiving the forged server’s response (which is in fact the adversary’s reply request), C will automatically acknowledge the response since the computation is accomplished with the correct key, so the MAC integrity check will succeed.
C. Analysis of Parallel Session Attack
- Another attack, which is effective against the proposed model without encrypted traffic, is parallel session attack.
- It involves selecting a valid combination of information from ongoing protocol executions.
- Fig. 6 explains the exploitation of parallel session attack on the proposed protocol with presence of adversary.
- The definitions of the places and the transitions for this model are defined in Table 9 and Table 10, respectively.
D. Analysis of Impersonation Attack
- Security analysis is a crucial significant process in evaluating communication and cryptographic protocols.
- The flaws within the protocol can be quickly removed via two solutions.
- Each attack scenario has been simulated using PN to exploits vulnerabilities in case if the symmetric encryption was not applied to their new protocol.
- Since the traffic is encrypted between the client and server, this proves that their new protocol is resistant to man-in-the-middle attack, reflection attack, parallel session attack, and impersonation attack.
- Also, this paper shows that replay attack and forgery attack are not effective because of the freshness property and the difficulty of creating a login request without learning any prior credentials.
Did you find this useful? Give us your feedback
References
229 citations
"A New Biometric ID-Based Cryptograp..." refers background in this paper
...Thus, ∆T is often set higher than the timespan of a complete round-trip [16-18] (2) The MAC integrity check will give a positive result since MAC`k(IDC, TS, W2, M6, M7) is actually computed with the correct key k by S....
[...]
84 citations
50 citations
37 citations
31 citations
Related Papers (5)
Frequently Asked Questions (10)
Q2. What is the definition of a petri net?
A Petri net is defined as a bipartite directed, weighted graph with two types of nodes called places and transitions, linked by directed arcs.
Q3. What is the main goal of the adversary model?
The main goal of the adversary model is to examine the protocol behaviour with the presence of an adversary while modelling attacks.
Q4. What is the viable countermeasure to defend authentication attacks?
It is evident that the most viable countermeasure to defend authentication attacks is to encrypt the message exchange between the client and server.
Q5. What is the definition of adversary entity?
the adversary entity is nondeterministic, in that it may perform different possible actions under different client identities at a given time to ultimately compromise the target system.
Q6. What is the common type of trust relationship between a client and a server?
Sometimes it may involve a trusted third party to operate the authentication and validation, such as the Kerberos login protocol [1], while other systems deploy biometric automated verification systems to recognise trusted users.
Q7. What is the likelihood of correlation associated with T – TC?
(1) The likelihood of correlation associated with T –̀ TC ≤ ∆T will be high considering the time-delay in widearea networks is unpredictable and varies most of the time.
Q8. How has the PN attack been simulated?
Each attack scenario has been simulated using PN to exploits vulnerabilities in case if the symmetric encryption was not applied to their new protocol.
Q9. What is the reason why the fabricated login request is sent to C?
A instantly impersonates C and initiates a new session with S by sending a fabricated login request: P19 = [IDA =ID`C , TA = T`S, W1=W`2, M3 = M`6, M7, MAC`k(IDC, TS, W2, M6, M7)], which is S original reply to C.Assume if the fabricated message arrives to S at time T, it will pass the verification check for the following reasons:
Q10. What is the purpose of the attack?
To exploit the reflection attack, the adversary A intercepts the login request while listening to the electronic conversation between client C and server S. Then, the adversary sends the same login request [ID`C, T`C, W`1, M`3, MAC`k(IDC, TC, W1 ,M3)] to C in a timely manner.