Friday, 17 August 2012

Is Andrew Secure RPC secure?

A couple of years ago, while I was preparing for a lecture on Authentication Protocols for my Advanced Network and Information Security class at King Mongkut's University of Technology North Bangkok, I came across a protocol known as Andrew Secure RPC. I was wondering right there and then whether or not the protocol was really secure as its name suggested.

Andrew Secure RPC was first introduced in 1989 in a paper called "Integrating Security in a Large Distributed System." It is a protocol that allows two entities that already share a secret key to agree upon a new key.

I then analysed the protocol using my preferred logic, GNY logic, and found that the protocol was not secure, as expected. I therefore looked a little deeper and found several papers that came to the same conclusion. Those papers also put effort into improving the protocol to make it more secure.

However, I showed in my paper, "Some Remarks on Andrew Secure RPC", that none of them were secure, not even the improved versions. What I did next was "re-design" the protocol to make it more secure. The "new" protocol consisted of only three messages (rather than four in the original protocol). It also mitigated the vulnerabilities of the previous protocols, namely known-plaintext attacks and session hijacking.

If you are interested, my paper was published at the 10th International Conference on Innovative Internet Community Systems in 2010.

The reason I am writing this post is that RPC, or Remote Procedure Call, is still widely referenced and used in the literature, and I just feel/felt that it would be better to make it as secure and efficient as possible.
