We are not able to resolve this OAI Identifier to the repository landing page. If you are the repository manager for this record, please head to the Dashboard and adjust the settings.
A version of this paper is in Arxiv.org: arXiv:1201.1134v2In this work we present and formally analyze CHAT-SRP (CHAos
based Tickets-Secure Registration Protocol), a protocol to provide inter-
active and collaborative platforms with a cryptographically robust solu-
tion to classical security issues. Namely, we focus on the secrecy and au-
thenticity properties while keeping a high usability. In this sense, users are
forced to blindly trust the system administrators and developers. More-
over, as far as we know, the use of formal methodologies for the verifica-
tion of security properties of communication protocols isn’t yet a common
practice. We propose here a methodology to fill this gap, i.e., to analyse
both the security of the proposed protocol and the pertinence of the un-
derlying premises. In this concern, we propose the definition and formal
evaluation of a protocol for the distribution of digital identities. Once
distributed, these identities can be used to verify integrity and source of
information. We base our security analysis on tools for automatic verifica-
tion of security protocols widely accepted by the scientific community, and
on the principles they are based upon. In addition, it is assumed perfect
cryptographic primitives in order to focus the analysis on the exchange of
protocol messages. The main property of our protocol is the incorpora-
tion of tickets, created using digests of chaos based nonces (numbers used
only once) and users’ personal data. Combined with a multichannel au-
thentication scheme with some previous knowledge, these tickets provide
security during the whole protocol by univocally linking each registering
user with a single request. This way, we prevent impersonation and Man
In The Middle attacks, which are the main security problems in registra-
tion protocols for interactive platforms. As a proof of concept, we also
present the results obtained after testing this protocol with real users, at
our university, in order to measure the usability of the registration system.This work was supported by the UAM project of Teaching Innovation and the
Spanish Government project TIN2010-19607
Is data on this page outdated, violates copyrights or anything else? Report the problem now and we will take corresponding actions after reviewing your request.