%0 Conference Proceedings
%T Ceremony Analysis: Strengths and Weaknesses
%+ Queensland University of Technology [Brisbane] (QUT)
%A Radke, Kenneth
%A Boyd, Colin
%A Gonzalez Nieto, Juan
%A Brereton, Margot
%Z Part 4: Network Security and Security Protocols
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 26th International Information Security Conference (SEC)
%C Lucerne, Switzerland
%Y Jan Camenisch
%Y Simone Fischer-Hübner
%Y Yuko Murayama
%Y Armand Portmann
%Y Carlos Rieder
%I Springer
%3 Future Challenges in Security and Privacy for Academia and Industry
%V AICT-354
%P 104-115
%8 2011-06-07
%D 2011
%R 10.1007/978-3-642-21424-0_9
%K Ceremony
%K EMV
%K HTTPS
%K Opera Mini
%K security
%K privacy
%K provable security
%K humans
%Z Computer Science [cs]Conference papers
%X We investigate known security flaws in the context of security ceremonies to gain an understanding of the ceremony analysis process. The term security ceremonies is used to describe a system of protocols and humans which interact for a specific purpose. Security ceremonies and ceremony analysis is an area of research in its infancy, and we explore the basic principles involved to better understand the issues involved.We analyse three ceremonies, HTTPS, EMV and Opera Mini, and use the information gained from the experience to establish a list of typical flaws in ceremonies. Finally, we use that list to analyse a protocol proven secure for human use. This leads to a realisation of the strengths and weaknesses of ceremony analysis.
%G English
%Z TC 11
%2 https://inria.hal.science/hal-01567584/document
%2 https://inria.hal.science/hal-01567584/file/978-3-642-21424-0_9_Chapter.pdf
%L hal-01567584
%U https://inria.hal.science/hal-01567584
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-TC11
%~ IFIP-SEC
%~ IFIP-AICT-354