JOURNAL OF SOFTWARE (JSW)
ISSN : 1796-217X
Volume : 3    Issue : 5    Date : May 2008

Deciding the Correctness of Attacks on Authentication Protocols
Anders Moen Hagalisletto
Page(s): 40-54
Full Text:
PDF (529 KB)


Abstract
A new tool for automated validation of attacks on authentication protocols has been used to find
several errors and ambiguities in the list of attacks described in the well known report by Clark and
Jacob. In this paper the errors are presented and classified. Corrected descriptions of the incorrect
attacks are given for the attacks that can be easily repaired. The underlying method for finding errors
in attacks is presented, including a formal language for attack specification, a validation algorithm,
and a framework for executing attacks. At the end of the paper, the connection between validation
and simulation is settled: Every attack specification that can be successfully executed is valid.

Index Terms
Authentication protocols, attacks, validation