Deriving, Attacking and Defending the GDOI Protocol

机译：派生，攻击和捍卫GDOI协议

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

As a part of a continued effort towards a logical framework for incrementai reasoning about security, we attempted a derivational reconstruction of GDOI, the protocol proposed in IETF RFC 3547 for authenticated key agreement in group communication over IPsec. The difficulties encountered in deriving one of its authentication properties led us to derive an attack that had not surfaced in the previous extensive analyses of this protocol. The derivational techniques turned out to be helpful not only for constructing, analyzing and modifying protocols, but also attacks on them. We believe that the presented results demonstrate the point the derivational approach, which tracks and formalizes the way protocols are designed informally: by refining and composing basic protocol components. After a brief overview of the simple authentication logic, we outline a derivation of GDOI, which displays its valid security properties, and the derivations of two attacks on it, which display its undesired properties. We also discuss some modifications that eliminate these vulnerabilities. Their derivations suggest proofs of the desired authentication. At the time of writing, we are working together with the Msec Working Group to develop a solution to this problem.

机译：作为对用于安全性增量推理的逻辑框架的持续努力的一部分，我们尝试了GDOI的派生重建，GDOI是IETF RFC 3547中提出的协议，用于IPsec组通信中的认证密钥协议。导出其身份验证属性之一时遇到的困难使我们产生了一种在以前对该协议进行的广泛分析中尚未发现的攻击。事实证明，派生技术不仅对构造，分析和修改协议有帮助，而且对协议也有帮助。我们认为，提出的结果证明了派生方法的意义，该方法跟踪和形式化了非正式设计协议的方式：通过完善和组成基本协议组件。在简单认证逻辑的简要概述之后，我们概述了显示GDOI的派生，GDOI显示了其有效的安全属性，以及对它的两次攻击的派生，显示了其不良的属性。我们还将讨论一些消除这些漏洞的修改。他们的推导表明了所需认证的证据。在撰写本文时，我们正在与Msec工作组合作以开发针对此问题的解决方案。

著录项

来源
《European Symposium on Research in Computer Security(ESORICS 2004); 20040913-15; Sophia Antipolis(FR)》|2004年|P.53-72|共20页
会议地点 Sophia Antipolis(FR)
作者
Catherine Meadows; Dusko Pavlovic;
展开▼
作者单位

Naval Research Laboratory, Washington, DC 20375;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;
关键词

相似文献

外文文献
中文文献
专利

1. Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Attacks using BF-IPCM [J] . Pavan Kumar Pagadala, Research Scholar, Dr. N.M Saravana Kumar, International Journal of Advanced Networking and Applications . 2018,第4期

机译：通过使用BF-IPCM防御Dos攻击来提高VANETS中路由协议的效率
2. Defending Vulnerable Security Protocols by Means of Attack Interference in Non-Collaborative Scenarios [J] . Fiazza Maria-Camilla, Peroli Michele, Vigan#242, Frontiers in ICT . 2015,第10期

机译：在非协作方案中通过攻击干扰防御脆弱的安全协议
3. Defending RFID authentication protocols against DoS attacks [J] . Dang Nguyen Due, Kwangjo Kim Computer Communications . 2011,第3期

机译：防御RFID身份验证协议以抵抗DoS攻击
4. Deriving, Attacking and Defending the GDOI Protocol [C] . Catherine Meadows, Dusko Pavlovic European Symposium on Research in Computer Security . 2004

机译：导出，攻击和捍卫GDOI协议
5. DDoS attacks: Detecting attacks and defending the network [D] . Heinrich, Robert 2015

机译：DDoS攻击：检测攻击并防御网络
6. A Smart Sensor for Defending against Clock Glitching Attacks on the I2C Protocol in Robotic Applications [O] . Raúl Jiménez-Naharro, Fernando Gómez-Bravo, Jonathan Medina-García, 2017

机译：用于防御机器人应用中I2C协议的时钟毛刺攻击的智能传感器
7. Defending Vulnerable Security Protocols by Means of Attack Interference in Non-collaborative Scenarios [O] . Luca eViganò, Michele ePeroli, Maria-Camilla eFiazza 2015

机译：在非协作场景中通过攻击干扰保护易受攻击的安全协议
8. Tri-Level Optimization Algorithms for Solving Defender-Attacker-Defender Network Models. [R] . Lazzaro, G. L. 2016

机译：解决后卫 - 攻击者 - 后卫网络模型的三级优化算法。

Deriving, Attacking and Defending the GDOI Protocol

摘要

著录项

相似文献

相关主题

期刊订阅