Conference paper
Adaptable Authentication Model: Exploring Security with Weaker Attacker Models
Most methods for protocol analysis classify protocols as “broken” if they are vulnerable to attacks from a strong attacker, e.g., assuming the Dolev-Yao attacker model. In many cases, however, exploitation of existing vulnerabilities may not be practical and, moreover, not all applications may suffer because of the identified vulnerabilities.
Therefore, we may need to analyze a protocol for weaker notions of security. In this paper, we present a security model that supports such weaker notions. In this model, the overall goals of an authentication protocol are broken into a finer granularity; for each fine level authentication goal, we determine the “least strongest-attacker” for which the authentication goal can be satisfied.
We demonstrate that this model can be used to reason about the security of supposedly insecure protocols. Such adaptability is particularly useful in those applications where one may need to trade-off security relaxations against resource requirements.
| Language: | English |
|---|---|
| Year: | 2011 |
| Pages: | 234-247 |
| Proceedings: | International Symposium on Engineering Secure Software and Systems |
| ISSN: | 16113349 and 03029743 |
| Types: | Conference paper |
| DOI: | 10.1007/978-3-642-19125-1_18 |
| ORCIDs: | Jensen, Christian D. |
