Analysing protocols subject to guessing attacks
In this paper we consider guessing attacks upon security protocols, where an intruder guesses one of the values used (typically a poorly-chosen password) and then seeks to verify that guess. We formalise such attacks, and in particular the way in which the guess is verified. We then describe how to...
Saved in:
| Published in | Journal of computer security Vol. 12; no. 1; pp. 83 - 97 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | English |
| Published |
London, England
SAGE Publications
01.01.2004
|
| Online Access | Get full text |
| ISSN | 0926-227X 1875-8924 |
| DOI | 10.3233/JCS-2004-12104 |
Cover
| Abstract | In this paper we consider guessing attacks upon security protocols, where an intruder guesses one of the values used (typically a poorly-chosen password) and then seeks to verify that guess. We formalise such attacks, and in particular the way in which the guess is verified. We then describe how to model such attacks within the process algebra CSP, so that they can be detected using the model checker FDR, and illustrate our technique on some examples. |
|---|---|
| AbstractList | In this paper we consider guessing attacks upon security protocols, where an intruder guesses one of the values used (typically a poorly-chosen password) and then seeks to verify that guess. We formalise such attacks, and in particular the way in which the guess is verified. We then describe how to model such attacks within the process algebra CSP, so that they can be detected using the model checker FDR, and illustrate our technique on some examples. |
| Author | Lowe, Gavin |
| Author_xml | – sequence: 1 givenname: Gavin surname: Lowe fullname: Lowe, Gavin email: gavin.lowe@comlab.ox.ac.uk organization: , Wolfson Building, Parks Road, Oxford, OX1 3QD |
| BookMark | eNp1kD1vwjAURa2KSgXatXOmLpXBfk6ceESon0Lq0FbqZhnjoNAQUz9n4N_XQKdKTG9491xdnREZdL5zhNxyNhEgxPR1_k6BsZxy4Cy_IENelQWtFOQDMmQKJAUov67ICHHDGHCuqiGZzjrT7rHp1tku-OitbzHDfrlxNmbRZ-ve4fFrYjT2G6_JZW1adDd_d0w-Hx8-5s908fb0Mp8tqAWuIi1sWTLOpTNMSisFSFUoxfMabA7KrkBUYmktcyWrpJKrFbDCOm6WMi-cgkKMyd2pN636SRui3jZoXduazvkeNVSpElSZgvkpaINHDK7WtokmNr6LwTSt5kwf7OhkRx_s6KOdhE3-YbvQbE3YnwfuTwCatdMb34ckDs-lfwE3AHQW |
| CitedBy_id | crossref_primary_10_1007_s10703_013_0184_6 crossref_primary_10_1016_j_entcs_2006_11_044 crossref_primary_10_1002_sec_361 crossref_primary_10_1016_j_cose_2020_101790 crossref_primary_10_1007_s10817_005_9017_7 crossref_primary_10_4028_www_scientific_net_AMM_457_458_1134 crossref_primary_10_1002_sec_312 crossref_primary_10_1007_s11036_012_0366_2 crossref_primary_10_1016_j_tcs_2006_08_042 crossref_primary_10_4204_EPTCS_251_21 |
| ContentType | Journal Article |
| Copyright | IOS Press and the authors. All rights reserved |
| Copyright_xml | – notice: IOS Press and the authors. All rights reserved |
| DBID | AAYXX CITATION 7SC 8FD H8D JQ2 L7M L~C L~D |
| DOI | 10.3233/JCS-2004-12104 |
| DatabaseName | CrossRef Computer and Information Systems Abstracts Technology Research Database Aerospace Database ProQuest Computer Science Collection Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional |
| DatabaseTitle | CrossRef Aerospace Database Technology Research Database Computer and Information Systems Abstracts – Academic ProQuest Computer Science Collection Computer and Information Systems Abstracts Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Professional |
| DatabaseTitleList | Aerospace Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 1875-8924 |
| EndPage | 97 |
| ExternalDocumentID | 10_3233_JCS_2004_12104 10.3233_JCS-2004-12104 |
| GroupedDBID | .4S .DC 0R~ 4.4 6KP 8VB AAGLT AAQXI ABDBF ABJNI ABUJY ACGFS ACPQW ACUHS ADMLS ADZMO AEMOZ AFRHK AGIAB AHDMH AHQJS AJNRN AKVCP ALMA_UNASSIGNED_HOLDINGS ARCSS ARTOV ASPBG AVWKF CAG COF EAD EAP EAS EAU EBA EBE EBR EBS EBU EDO EIS EJD EMK EPL EST ESX FIL HZ~ I-F IL9 IOS ITG ITH J8X K1G MET MIO MV1 O9- P2P PQQKQ QWB SAUOL SCNPE SFC TH9 TUS XJE ZL0 AAPII AAYXX AJGYC ALIRC CITATION 7SC 8FD H8D JQ2 L7M L~C L~D |
| ID | FETCH-LOGICAL-c219t-5c770116ea066c6326959914f2c429cd2383bcc0e708696dd205ce1ab645e9253 |
| ISSN | 0926-227X |
| IngestDate | Sun Sep 28 07:20:12 EDT 2025 Wed Sep 10 06:09:20 EDT 2025 Thu Apr 24 23:08:47 EDT 2025 Tue Jun 17 22:27:40 EDT 2025 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 1 |
| Language | English |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-c219t-5c770116ea066c6326959914f2c429cd2383bcc0e708696dd205ce1ab645e9253 |
| Notes | ObjectType-Article-2 SourceType-Scholarly Journals-1 ObjectType-Feature-1 content type line 23 |
| PQID | 28269297 |
| PQPubID | 23500 |
| PageCount | 15 |
| ParticipantIDs | proquest_miscellaneous_28269297 crossref_citationtrail_10_3233_JCS_2004_12104 crossref_primary_10_3233_JCS_2004_12104 sage_journals_10_3233_JCS_2004_12104 |
| PublicationCentury | 2000 |
| PublicationDate | 20040101 2004-01-01 |
| PublicationDateYYYYMMDD | 2004-01-01 |
| PublicationDate_xml | – month: 1 year: 2004 text: 20040101 day: 1 |
| PublicationDecade | 2000 |
| PublicationPlace | London, England |
| PublicationPlace_xml | – name: London, England |
| PublicationTitle | Journal of computer security |
| PublicationYear | 2004 |
| Publisher | SAGE Publications |
| Publisher_xml | – name: SAGE Publications |
| SSID | ssj0021198 |
| Score | 1.8165215 |
| Snippet | In this paper we consider guessing attacks upon security protocols, where an intruder guesses one of the values used (typically a poorly-chosen password) and... |
| SourceID | proquest crossref sage |
| SourceType | Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 83 |
| Title | Analysing protocols subject to guessing attacks |
| URI | https://journals.sagepub.com/doi/full/10.3233/JCS-2004-12104 https://www.proquest.com/docview/28269297 |
| Volume | 12 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVEBS databaseName: Academic Search Ultimate - eBooks customDbUrl: https://search.ebscohost.com/login.aspx?authtype=ip,shib&custid=s3936755&profile=ehost&defaultdb=asn eissn: 1875-8924 dateEnd: 20241230 omitProxy: true ssIdentifier: ssj0021198 issn: 0926-227X databaseCode: ABDBF dateStart: 19960301 isFulltext: true titleUrlDefault: https://search.ebscohost.com/direct.asp?db=asn providerName: EBSCOhost – providerCode: PRVEBS databaseName: Business Source Ultimate customDbUrl: eissn: 1875-8924 dateEnd: 20241230 omitProxy: true ssIdentifier: ssj0021198 issn: 0926-227X databaseCode: AKVCP dateStart: 19960301 isFulltext: true titleUrlDefault: https://search.ebscohost.com/login.aspx?authtype=ip,uid&profile=ehost&defaultdb=bsu providerName: EBSCOhost – providerCode: PRVEBS databaseName: EBSCOhost International Security & Counter Terrorism Reference Center customDbUrl: eissn: 1875-8924 dateEnd: 20241230 omitProxy: false ssIdentifier: ssj0021198 issn: 0926-227X databaseCode: EIS dateStart: 19960301 isFulltext: true titleUrlDefault: https://search.ebscohost.com/login.aspx?authtype=ip,uid&profile=ehost&defaultdb=tsh providerName: EBSCOhost – providerCode: PRVEBS databaseName: Inspec with Full Text customDbUrl: eissn: 1875-8924 dateEnd: 20241230 omitProxy: false ssIdentifier: ssj0021198 issn: 0926-227X databaseCode: ADMLS dateStart: 19960301 isFulltext: true titleUrlDefault: https://www.ebsco.com/products/research-databases/inspec-full-text providerName: EBSCOhost |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV07T8MwELagLCy8EeWZAcFQGVo3cZIRSgtCCAZaqZtlOw4LagpJhcSv5y5x0xaoeCxRFEVOdJ9z-e7su4-QY5gnLNBhQAMpGXUDw6nUEKzEOohUU8WuKXb53vObnnvb9_qTZp95dUmmzvT7t3Ul_0EVrgGuWCX7B2TLQeECnAO-cASE4fgrjG1HkbyePMkSwDStpSOFqRXklE8j3OOKRYhZhqX0c4iotsIOtdRq2ZWbdJK3PN15PZMacKdSAzbHxzhlLNein7g79gXWwncVgjL2L1hsmv3sX5sM87-d29YjtQ0PrXjwbCPr-wfR6d3diW673z0ZvlDU-MK1cCt4skiWmM85q5Cli8ury04ZIDcauXZx-dpFk0186PnsI2dJxCQymNqMl_OD7hpZsfZ0LgqU1smCGWyQ1bFohmN96CY5L0FzStAcC5qTJc4YNMeCtkV6nXa3dUOtagXV4P0z6mnfx9UtI4HNaQ70OPSAhLsx0_Dv1xFwpKbSum58iCZDHkWs7mnTkIq7ngmZ19wmlUEyMDvECVG7VHJfxj4QLRVLrDuuR34cRZFb16pK6NgMQtuW7qgs8iwgtEOzCTAbCo26IjdblZyW9w-LZiZz7zwaW1WAv8FFJDkwySgVEKJzoNR-lRyjsYX9HNI5A-3-ONAeWZ7M3X1SyV5H5gCIXqYO7fz4AOQjUpE |
| linkProvider | EBSCOhost |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Analysing+protocols+subject+to+guessing+attacks&rft.jtitle=Journal+of+computer+security&rft.au=Lowe%2C+G&rft.date=2004-01-01&rft.issn=0926-227X&rft.volume=12&rft.issue=1&rft.spage=83&rft.epage=97&rft_id=info:doi/10.3233%2FJCS-2004-12104&rft.externalDBID=NO_FULL_TEXT |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0926-227X&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0926-227X&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0926-227X&client=summon |