Proceedings ArticleDOI
Verifiable-text attacks in cryptographic protocols
Li Gong
- pp 686-693
TLDR
The author introduces a form of attack, a verifiable-test attack, in which an attacker obtains secret information, such as a password used in a protocol, without breaking the underlying cryptosystem.Abstract:
The author introduces a form of attack, a verifiable-test attack, in which an attacker obtains secret information, such as a password used in a protocol, without breaking the underlying cryptosystem. An investigation is made of the essence of a verifiable-text attack, and an algorithm for examining protocols and searching for vulnerabilities to such an attack is developed. Caution has to be exercised in certifying that a protocol is not vulnerable because a healthy protocol may become vulnerable when it interacts with another vulnerable or even healthy protocol. >read more
Citations
More filters
Proceedings ArticleDOI
Encrypted key exchange: password-based protocols secure against dictionary attacks
TL;DR: A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.
Journal ArticleDOI
Protecting poorly chosen secrets from guessing attacks
TL;DR: The basic idea is to ensure that data available to the attacker is sufficiently unpredictable to prevent an offline verification of whether a guess is successful or not and to examine protocols to detect vulnerabilities to such attacks.
Proceedings ArticleDOI
Automated verification of selected equivalences for security protocols
TL;DR: In this article, the authors focus on proving equivalences P/spl ap/Q in which P and Q are two processes that differ only in the choice of some terms, and treat them as predicates on the behaviors of a process that represents P and Z at the same time.
Patent
A cryptographic protocol for secure communications
TL;DR: In this article, the authors proposed a cryptographic communication system, which employs a novel combination of public and private key cryptography, allowing two parties, who share only a relatively insecure password, to bootstrap a computationally secure cryptographic system over an insecure network.
Journal ArticleDOI
Automated verification of selected equivalences for security protocols
TL;DR: This work focuses on proving equivalences P ≈ Q in which P and Q are two processes that differ only in the choice of some terms, and shows how to treat them as predicates on the behaviors of a process that represents P and Q at the same time.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Journal ArticleDOI
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Book
The Design and Analysis of Computer Algorithms
Alfred V. Aho,John E. Hopcroft +1 more
TL;DR: This text introduces the basic data structures and programming techniques often used in efficient algorithms, and covers use of lists, push-down stacks, queues, trees, and graphs.
Journal ArticleDOI
On the security of public key protocols
Danny Dolev,Andrew Chi-Chih Yao +1 more
TL;DR: Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
Journal ArticleDOI
A logic of authentication
TL;DR: This paper describes the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication, and gives the results of the analysis of four published protocols.