1. SIMULATION BASED VALIDATION OF AUTHENTICATION PROTOCOLS.
- Author
-
Indiradevi, Krishnan G. and Nair, V.S. Suku
- Subjects
- *
AUTHENTICATION (Law) , *COMPUTER network protocols , *COMPUTER network security , *COMPUTER security , *DATA encryption , *COMPUTER networks , *SYSTEMS design , *SYSTEM analysis , *SYSTEMS development - Abstract
Authentication protocols help to establish trust about the identities of communicating entities. Along with authorization and data confidentiality, authentication forms a critical component of most non-trivial security frameworks. Over past several years, an alarming number of seemingly secure authentication protocols have been shown to be flawed. By exploiting such flaws, malicious entities can potentially take on identities of trusted entities. Attacks on authentication protocols are often too subtle to uncover by simple means, hence considerable research has gone into techniques for analyzing and verifying them. Though the problem is perhaps best studied using formal methods, techniques in that category are generally rather complex and specialized. This paper proposes a different approach - using simulation as a means of validation. Though unable to conclusively prove security, simulation can be very effective in uncovering hidden flaws. This could be particularly useful for large systems where it may be nearly impractical to apply formal methods. A framework is presented to model authentication protocols with state machines and to validate some of their security properties through simulation. [ABSTRACT FROM AUTHOR]
- Published
- 2004