Analysing the Kerberos Timed Authentication Protocol Using CSP-Rank Functions

Despite advances in network security, malicious attacks have shown a significant increase in recent times. Authentication mechanisms coupled with strong encryption techniques are used for security purposes; however, given sufficient time, well-equipped intruders succeed in breaking the encryption and compromising system security. Protocols often fail when they are analysed critically, and formal approaches have emerged to analyse such failures. Communicating Sequential Processes (CSP) is an abstract language designed especially for the description of communication patterns, and the notion of rank functions has been introduced alongside it for analysis purposes. This paper presents an application of this formal approach to a newly designed authentication protocol that combines delaying the decryption process with timed authentication while keys are dynamically renewed under pseudo-secure situations. The analysis and verification of the authentication properties of the designed protocol, together with the results, are presented and discussed.
