论文信息 - Modeling freshness concept to overcome Replay attack in Kerberos protocol using NuSMV

Modeling freshness concept to overcome Replay attack in Kerberos protocol using NuSMV

Today with the tremendous growth in the era of networking, the services provided to users have become diverse. In such a distributed environment, multiple users can access multiple services simultaneously. It has therefore become essential to provide security to the services being provided along with the identity of the users. Various security protocols have been proposed and used over the years and have evolved into better versions with time. In this paper, we present a simple way to perform symbolic model checking of a widely used security protocol called the Kerberos protocol, mainly a network authentication protocol, using the NuSMV model checker. It also demonstrates how the use of the freshness concept helps to overcome a common security attack called the Replay attack in the protocol.

[1] Gavin Lowe. A Family of Attacks upon Authentication Protocols , 1997 .

[2] Jerome H. Saltzer,et al. Kerberos authentication and authorization system , 1987 .

[3] Marco Pistore,et al. NuSMV 2: An OpenSource Tool for Symbolic Model Checking , 2002, CAV.

[4] Kenneth G. Paterson. A cryptographic tour of the IPsec standards , 2006, Inf. Secur. Tech. Rep..

[5] M. Panti L. Spalazzi,et al. Using the NuSMV Model Checker to verify the Kerberos Protocol , 2001 .

[6] Steven M. Bellovin,et al. Limitations of the Kerberos authentication system , 1990, CCRV.

[7] Valentin Goranko,et al. Logic in Computer Science: Modelling and Reasoning About Systems , 2007, J. Log. Lang. Inf..

[8] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.