About Us Our Work Employment News & Events
MITRE Remote Access for MITRE Staff and Partners Site Map
Our Work
Overview
Mission Areas
Systems Engineering
Information Technology
MITRE Research Program
MITRE Federal Employee Fellowship Program
Technology Transfer Office
Technical Papers

Follow Us:
Visit MITRE on Facebook
Visit MITRE on Twitter
Visit MITRE on Linkedin
Visit MITRE on YouTube
View MITRE's RSS Feeds
View MITRE's Mobile Apps
Home > Our Work > Technical Papers >

Mixed Strand Spaces

March 2000

Joshua D. Guttman, The MITRE Corporation
Jonathan C. Herzog, The MITRE Corporation
F. Javier Thayer, The MITRE Corporation

ABSTRACT

Strand space analysis [13, 12] is a method for stating and proving correctness properties for cryptographic protocols. In this paper we apply the same method to the related problem of mixed protocols, and show that a protocol can remain correct even when used in combination with a range of other protocols.

We illustrate the method with the familiar Otway- Rees [10, 1] protocol. We identify a simple and easily verified characteristic of protocols, and show that the Otway- Rees protocol remains correct even when used in combination with other protocols that have this characteristic.

We also illustrate this method on the Neuman- Stubblebine protocol [9]. This protocol has two parts, an authentication protocol (I) in which a key distribution center creates and distributes a Kerberos-like key, and a reauthentication protocol (II) in which a client resubmits a ticket containing that key. The re-authentication protocol II is known to be flawed [2]. We show that in the presence of protocol II, there are also attacks against protocol I. We then define a variant of protocol II, and prove an authentication property of I that holds even in combination with the modified II.

View/Download Document

Publication

Published in Proceedings, 1999 Computer Security Foundations Workshop, June 1999.

Additional Search Keywords

N/A

Page last updated: August 12, 2003   |   Top of page

Homeland Security Center Center for Enterprise Modernization Command, Control, Communications and Intelligence Center Center for Advanced Aviation System Development

 
 
 

Solutions That Make a Difference.®
Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.
IDG's Computerworld Names MITRE a "Best Place to Work in IT" for Eighth Straight Year The Boston Globe Ranks MITRE Number 6 Top Place to Work Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"
 

Privacy Policy | Contact Us