Formal security analysis of registration protocols for interactive systems: a methodology and a case of study

Computer Science – Cryptography and Security

Scientific paper

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

32 pages, 7 figures, 8 listings, 1 table

Scientific paper

In this work we present and formally analyze CHAT-SRP (CHAos based Tickets-Secure Registration Protocol), a protocol to provide interactive and collaborative platforms with a cryptographically robust solution to classical security issues. Namely, we focus on the secrecy and authenticity properties while keeping a high usability. Indeed, most interactive platforms currently base their security properties almost exclusively on the correct implementation and configuration of the systems. In this sense, users are forced to blindly trust the system administrators and developers. Moreover, as far as we know, there is a lack of formal methodologies for the verification of security properties for interactive applications. We propose here a methodology to fill this gap, i.e., to analyse both the security of the proposed protocol and the pertinence of the underlying premises. In this concern, we propose the definition and formal evaluation of a protocol for the distribution of digital identities. Once distributed, these identities can be used to verify integrity and source of information. We base our security analysis on tools for automatic verification of security protocols widely accepted by the scientific community, and on the principles they are based upon. In addition, it is assumed perfect cryptographic primitives in order to focus the analysis on the exchange of protocol messages. The main property of our protocol is the incorporation of tickets, created using digests of chaos based nonces (numbers used only once) and users' personal data. Combined with a multichannel authentication scheme with some previous knowledge, these tickets provide security during the whole protocol by linking univocally each user with a single request. This way, we prevent impersonation and Man In The Middle attacks, which are the main security problems in registration protocols for interactive platforms. [..]

No associations

LandOfFree

Say what you really think

Search LandOfFree.com for scientists and scientific papers. Rate them and share your experience with other people.

Rating

Formal security analysis of registration protocols for interactive systems: a methodology and a case of study does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Formal security analysis of registration protocols for interactive systems: a methodology and a case of study, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Formal security analysis of registration protocols for interactive systems: a methodology and a case of study will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFWR-SCP-O-609644

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.