A taxonomy of replay attacks [cryptographic protocols]

This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination. The taxonomy is independent of any method used to analyze or prevent such attacks. It is also complete in the sense that any replay attack is composed entirely of elements classified by the taxonomy. The classification of attacks is illustrated using both new and previously known attacks on protocols. The taxonomy is also used to discuss the appropriateness of particular countermeasures and protocol analysis methods to particular kinds of replays.
