Show simple item record

dc.contributor.author
Drielsma, Paul H.
dc.contributor.author
Mödersheim, Sebastian
dc.contributor.author
Viganò, Luca
dc.contributor.author
Basin, David
dc.date.accessioned
2017-06-08T15:22:03Z
dc.date.available
2017-06-08T15:22:03Z
dc.date.issued
2006
dc.identifier.uri
http://hdl.handle.net/20.500.11850/1029
dc.description.abstract
In many network applications and services, agents that share no secure channel in advance may still wish to communicate securely with each other. In such settings, one often settles for achieving security goals weaker than authentication, such as sender invariance. Informally, sender invariance means that all messages that seem to come from the same source actually do, where the source can perhaps only be identified by a pseudonym. This implies, in particular, that the relevant parts of messages cannot be modified by an intruder. In this paper, we provide the first formal definition of sender invariance as well as a stronger security goal that we call strong sender invariance. We show that both kinds of sender invariance are closely related to, and entailed by, weak authentication, the primary difference being that sender invariance is designed for the context where agents can only be identified pseudonymously. In addition to clarifying how sender invariance and authentication are related, this result shows how a broad class of automated tools can be used for the analysis of sender invariance protocols. As a case study, we describe the analysis of two sender invariance protocols using the OFMC back-end of the AVISPA Tool.
dc.language.iso
en
dc.publisher
ETH, Department of Computer Science
dc.subject
Security Protocols
dc.subject
Formal Analysis
dc.title
Formalizing and Analyzing Sender Invariance
dc.type
Report
ethz.journal.title
Technical Report
ethz.journal.issue
528
ethz.size
16 p.
ethz.notes
.
ethz.publication.place
Zürich
ethz.publication.status
published
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit::03634 - Basin, David / Basin, David
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit::03634 - Basin, David / Basin, David
ethz.identifier.url
ftp://ftp.inf.ethz.ch/pub/publications/tech-reports/5xx/528.pdf
ethz.date.deposited
2017-06-08T15:22:17Z
ethz.source
ECIT
ethz.identifier.importid
imp59364b36d704277671
ethz.ecitpid
pub:10804
ethz.eth
yes
ethz.availability
Metadata only
ethz.rosetta.installDate
2017-07-12T21:39:21Z
ethz.rosetta.lastUpdated
2018-10-01T03:23:27Z
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=Formalizing%20and%20Analyzing%20Sender%20Invariance&rft.jtitle=Technical%20Report&rft.date=2006&rft.issue=528&rft.au=Drielsma,%20Paul%20H.&M%C3%B6dersheim,%20Sebastian&Vigan%C3%B2,%20Luca&Basin,%20David&rft.genre=report&
 Search via SFX

Files in this item

FilesSizeFormatOpen in viewer

There are no files associated with this item.

Publication type

Show simple item record