Analysis of a Forced-Latency Defense Against Man-in-the-Middle Attacks

Abstract:

Several cryptographic protocols have been proposed to address the Man-in-the-Middle (MitM) attack without the prior exchange of keys. In this paper, one such protocol proposed by Zooko Wilcox-O’Hearn, the forced-latency defense against the chess grandmaster attack, is analyzed. Using the Cryptographic Protocol Shapes Analyzer (CPSA), the security properties of the protocol are validated through a novel use of CPSA’s state features to represent time. A small message-space attack is also uncovered that highlights an assumption that many protocols make, and a solution is proposed that would prevent such an attack against Wilcox-O’Hearn’s protocol.


AUTHORS

Photo of Erin Lanus

School of Computing, Informatics, Decision Systems Engineering Arizona State University Tempe, AZ
U.S.A.

Erin Lanus is a doctoral student in  Computer  Science at Arizona State University, where she also completed her undergraduate degree in Psychology.  She was selected for the National Physical Science Consortium Graduate Fellowship program in 2014.

Research Directorate National Security Agency Fort George G.Meade, MD
U.S.A.

Dr. Edward V. Zieglar, Jr. is a Researcher in the Research Directorate of the National Security Agency where he specializes in cryptographic protocol analysis and verification and network security.  He earned a bachelor’s degree in Engineering from Bucknell University and both master’s and doctoral degrees in Computer Science from the University of Maryland, Baltimore County (UMBC).  He also serves as an adjunct faculty member at UMBC where he teaches courses in security and computer networking.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com