Analysis of EAP-GPSK Authentication Protocol

Mitchell, John C.; Rowe, Paul D.; Scedrov, Andre

doi:10.1007/978-3-540-68914-0_19

Cited by 9 publications

(5 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This can be partially explained by the difficulty to do a manual and thorough security analysis of complex distributed network protocols. There are some works that propose a security analysis of the design of network protocols based on model checking (e.g., [12,13,9]) . All past works check a given network configuration with a predetermined set of participants.…”

Section: Related Workmentioning

confidence: 99%

Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems

Sosnovich

Grumberg

Nakibly

2013

Computer Aided Verification

View full text Add to dashboard Cite

This paper presents a novel approach to automatically finding security vulnerabilities in the routing protocol OSPF-the most widely used protocol for Internet routing. We start by modeling OSPF on (concrete) networks with a fixed number of routers in a specific topology. By using the model checking tool CBMC, we found several simple, previously unpublished attacks on OSPF. In order to search for attacks in a family of networks with varied sizes and topologies, we define the concept of an abstract network which represents such a family. The abstract network A has the property that if there is an attack on A then there is a corresponding attack on each of the (concrete) networks represented by A. The attacks we have found on abstract networks reveal security vulnerabilities in the OSPF protocol, which can harm routing in huge networks with complex topologies. Finding such attacks directly on the huge networks is practically impossible. Abstraction is therefore essential. Further, abstraction enables showing that the attacks are general. That is, they are applicable in a large (even infinite) number of networks. This indicates that the attacks exploit fundamental vulnerabilities, which are applicable to many configurations of the network.

show abstract

Section: Related Workmentioning

confidence: 99%

Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems

Sosnovich

Grumberg

Nakibly

2013

Computer Aided Verification

View full text Add to dashboard Cite

show abstract

“…Since the thrive of the wireless LAN, cellular networks, ad hoc and sensor networks, there are a great number of fresh vulnerabilities and novel attacks discovered on different wireless networks [1,11,17,19,23,26,31]. This paper mainly focuses on the DoS attacks, especially on protocols of wireless LAN.…”

Section: Related Workmentioning

confidence: 99%

“…It is a popular direction to use model checkers to automatically find vulnerabilities in protocols [21][22][23]25 [21][22][23]. Among them, EAP-GPSK analysis [23] is most related to our work.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Exception triggered DoS attacks on wireless networks

Zhao

Vemuri

Chen

et al. 2009

2009 IEEE/IFIP International Conference on Dependable Systems &Amp; Networks

View full text Add to dashboard Cite

Security protocols are not as secure as we assumed. In this paper, we identified a practical way to launch DoS attacks on security protocols by triggering exceptions. Through experiments, we show that even the latest strongly authenticated protocols such as PEAP, EAP-TLS and EAP-TTLS are vulnerable to these attacks. Real attacks have been implemented and tested against TLS-based EAP protocols, the major family of security protocols for Wireless LAN, as well as the Return Routability of Mobile IPv6, an emerging lightweight security protocol in new IPv6 infrastructure. DoS attacks on PEAP, one popular TLS-based EAP protocol were performed and tested on a major university's wireless network, and the attacks were highly successful. We further tested the scalability of our attack through a series of ns-2 simulations. Countermeasures for detection of such attacks and improvements of the protocols to overcome these types of DoS attacks are also proposed and verified experimentally.

show abstract

“…carried out a formal correctness proof for the IEEE 802.11i and Transport Layer Security (TLS) protocols using PCL with a new form of PCL composition principle—staged composition . In addition, PCL was applied to the Internet Engineering Task Force Group Domain of Interpretation (IETF GDOI) protocol , Extensible Authentication Protocol‐Generalized Pre‐Shared Key (EAP-GPSK) Authentication Protocol , and Contract‐Signing Protocols . Improvements on PCL . A uniform notation and semantic setting was presented, and some previous technical definitions and proofs were developed in .…”

Section: Introductionmentioning

confidence: 99%

Protocol Derivation System for the Needham–Schroeder family

Zhang

Yang

2012

Security Comm Networks

View full text Add to dashboard Cite

A framework consisting of the Protocol Derivation System (PDS) and the Protocol Composition Logic (PCL) has been recently proposed by Datta et al. for the design and analysis of a secure composition of cryptographic protocols. However, the PDS in this proposed framework can only be used for the protocols of the Station-to-Station family, which are signature-based authenticated Diffie-Hellman key exchange protocols. In this paper, the PDS is extended to support key exchange protocols using a trusted third party and an encryption-based authentication such as those in the Needham-Schroeder family. This is achieved by means of adding new components, refinements, and transformations to the PDS. In addition, the PCL is applied to prove the correctness of the derived protocols. Then, the derivation graph of the NeedhamÀSchroeder family is developed by using the extended PDS. Finally, the derivations and proofs of the protocols in the Needham-Schroeder family are shown in this paper.

show abstract

Analysis of EAP-GPSK Authentication Protocol

Cited by 9 publications

References 33 publications

Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems

Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems

Exception triggered DoS attacks on wireless networks

Protocol Derivation System for the Needham–Schroeder family

Contact Info

Product

Resources

About