What are Multi-Protocol Guessing Attacks and How to Prevent Them

摘要

A guessing attack on a security protocol is an attack where an attacker guesses a poorly chosen secret (usually a low-entropy user password) and then seeks to verify that guess using other information. Past efforts to address guessing attacks in terms of design or analysis considered only protocols executed in isolation. However, security protocols are rarely executed in isolation and reality is always a case of mixed-protocols. In this paper, we introduce new types of attacks called multi-protocol guessing attacks, which can exist when protocols are mixed. We then develop a systematic procedure to analyze protocols subject to guessing attacks. Using this procedure, we will present a method of deriving some syntactic conditions to be followed in order for a protocol to be secure against multi-protocol guessing attacks. Lastly, we use the strand space framework to prove that a protocol will remain secure, given that these conditions are followed, by modeling the conditions within the strand space framework. We illustrate these concepts using the Mellovin and Berritt protocol (EKE) as an example.