Basic authentication procedure modelled by Petri nets

This paper presents modelling of the basic authentication procedure. The Petri net technique as a tool was chosen in this study. Experiments were made with two groups of models according the quantity of used attributes. One consists of combination of the User name and Password with and/or without repeating. The second group consist of the user name, password and biometrics with and/or without repeating. The goal of this paper is to demonstrate that security increasing with attributes quantity and decreasing with possibility to repeating wrong sequence of symbols.

[1]  Wolfgang Reisig,et al.  Informal Introduction to Petri Nets , 1996, Applications and Theory of Petri Nets.

[2]  Steven M. Bellovin,et al.  Limitations of the Kerberos authentication system , 1990, CCRV.

[3]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[4]  Rüdiger Valk,et al.  Petri nets for systems engineering - a guide to modeling, verification, and applications , 2010 .

[5]  Josef Volek,et al.  Využití Petriho sítí pro varianty nakládání s biologicky odbouratelným komunálním odpadem , 2008 .

[6]  Gerard Allwein,et al.  A formalism for visual security protocol modeling , 2008, J. Vis. Lang. Comput..

[7]  Lawrence C. Paulson,et al.  Kerberos Version 4: Inductive Analysis of the Secrecy Goals , 1998, ESORICS.

[8]  Kenneth Raeburn,et al.  Encryption and Checksum Specifications for Kerberos 5 , 2005, RFC.

[9]  Miloslav Hub,et al.  Fuzzy approach in biometric authentication by keystroke dynamics , 2005 .

[10]  Thomas D. Wu A Real-World Analysis of Kerberos Password Security , 1999, NDSS.

[11]  Yi-Chih Hsieh,et al.  A New Improved Secure Password Authentication Protocol to Resist Guessing Attack in Wireless Networks , 2008 .

[12]  Virgil D. Gligor,et al.  On message integrity in cryptographic protocols , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  Sam Hartman,et al.  The Perils of Unauthenticated Encryption: Kerberos Version 4 , 2004, NDSS.

[14]  John T. Kohl The use of Encryption in Kerberos for Network Authentication , 1989, CRYPTO.

[15]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[16]  Elvinia Riccobene,et al.  Formal Analysis of the Kerberos Authentication System , 1997, J. Univers. Comput. Sci..

[17]  Kenneth Raeburn,et al.  Advanced Encryption Standard (AES) Encryption for Kerberos 5 , 2005, RFC.