Attack and revison of an electronic auction protocol using OFMC

Bogdan Księżopolski, Pascal Lafourcade

Abstract


In the article we show an attack on the cryptographic protocol of electronic auction withextended requirements [1]. The found attack consists of authentication breach and secret retrieval.It is a kind of “man in the middle attack”. The intruder impersonates an agent and learns somesecret information. We have discovered this flaw using OFMC an automatic tool of cryptographicprotocol verification. After a description of this attack, we propose a new version of the e-auctionprotocol. We also check with OFMC the secrecy for the new protocol and give an informal proofof the other properties that this new e-auction protocol has to guarantee.

Full Text:

PDF


DOI: http://dx.doi.org/10.17951/ai.2007.6.1.171-183
Date of publication: 2015-01-04 00:00:00
Date of submission: 2016-04-27 10:20:05


Statistics


Total abstract view - 364
Downloads (from 2020-06-17) - PDF - 0

Indicators



Refbacks

  • There are currently no refbacks.


Copyright (c) 2015 Annales UMCS Sectio AI Informatica

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.