Security

Analysis and Improvement of the BAN Modified Andrew Secure RPC Protocol

Free registration required

Executive Summary

In this paper, the authors have found a new man-in-the-middle attack on the BAN modified Andrew Secure RPC protocol with a protocol model-checker based on SAT. The man-in-the-middle attack, during which an intruder can impersonate an honest agent and forge a set of messages to communicate with another honest agent, destroys the assumed authentication of the protocol, one of the important properties of security protocol. Subsequently, they have reasoned about vulnerability of the protocol and proposed a remedial method to overcome the weakness of the protocol. The method, simple and effective, can be helpful to analyze and design other security protocols.

  • Format: PDF
  • Size: 391.34 KB