University of Limerick Institutional Repository

Addressing synchrony issues of dynamic shared secrets in security protocols

DSpace Repository

Show simple item record

dc.contributor.advisor Coffey, Tom
dc.contributor.advisor Dojen, Reiner
dc.contributor.author Lasc, Ioana
dc.date.accessioned 2014-11-17T18:45:34Z
dc.date.available 2014-11-17T18:45:34Z
dc.date.issued 2011
dc.identifier.uri http://hdl.handle.net/10344/4175
dc.description peer-reviewed en_US
dc.description.abstract This research addresses synchronisation issues in security protocols for wireless communications. A new class of attacks, termed Suppress-and-Desynchronise (SD) attacks, is introduced. This attack uses the vulnerabilities of the wireless links to exploit a weakness in the security protocols that use dynamic shared secrets for authentication purposes. To avoid problems with the long-term storage of shared secrets, these protocols use dynamic shared secrets that are updated to new values in each session by an underlying online update mechanism. A successful SD attack disables the affected parties from authenticating each other in future protocol runs, causing a permanent Denial of Service (DoS) condition. A formal system to model update mechanisms for shared secrets is introduced that expresses actions of principals, their storing strategies for shared secrets and the principals’ roles in the different types of update mechanism. Based on this formal system attack detection rules are developed that are able to detect synchrony weaknesses that can be exploited by Suppress-and-Desynchronise attacks. Further, within the same formal system, a solution to the synchronisation problem is identified. A new approach to the security systems design is proposed for the wireless communications environment to avoid facilitating occurrence of the presented DoS condition. A guide to the formalisation process of security protocols prior to application of detection rules is presented. Finally, five security protocols are formalized, analysed and corrected using the proposed formal system. en_US
dc.language.iso eng en_US
dc.publisher University of Limerick en_US
dc.subject wireless communications en_US
dc.subject security protocols en_US
dc.subject long-term storage en_US
dc.subject shared secrets en_US
dc.title Addressing synchrony issues of dynamic shared secrets in security protocols en_US
dc.type info:eu-repo/semantics/doctoralThesis en_US
dc.type.supercollection all_ul_research en_US
dc.type.supercollection ul_published_reviewed en_US
dc.type.supercollection ul_theses_dissertations en_US
dc.contributor.sponsor IRC en_US
dc.contributor.sponsor SFI en_US
dc.relation.projectid RFP07CMSF631 en_US
dc.rights.accessrights info:eu-repo/semantics/openAccess en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search ULIR


Browse

My Account

Statistics