A hierarchy of authentication specifications
Top Cited Papers
- 22 November 2002
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- No. 10636900,p. 31-43
- https://doi.org/10.1109/csfw.1997.596782
Abstract
Many security protocols have the aim of authenticating one agent to another. Yet there is no clear consensus in the academic literature about precisely what "authentication" means. We suggest that the appropriate authentication requirement will depend upon the use to which the protocol is put, and identify several possible definitions of "authentication". We formalize each definition using the process algebra CSP, use this formalism to study their relative strengths, and show how the model checker FDR can be used to test whether a system running the protocol meets such a specification.Keywords
This publication has 15 references indexed in Scilit:
- What do we mean by entity authentication?Published by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Casper: a compiler for the analysis of security protocolsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- An attack on the Needham-Schroeder public-key authentication protocolInformation Processing Letters, 1995
- On the security of SPLICE/AS — The authentication system in WIDE InternetInformation Processing Letters, 1995
- Systematic design of a family of attack-resistant authentication protocolsIEEE Journal on Selected Areas in Communications, 1993
- Authentication and authenticated key exchangesDesigns, Codes and Cryptography, 1992
- Limitations of the Kerberos authentication systemACM SIGCOMM Computer Communication Review, 1990
- A logic of authenticationPublished by Association for Computing Machinery (ACM) ,1989
- Timestamps in key distribution protocolsCommunications of the ACM, 1981
- Using encryption for authentication in large networks of computersCommunications of the ACM, 1978