Improving the ISO/IEC 11770 standard for key management techniques

被引:0
作者
Cas Cremers
Marko Horvat
机构
[1] University of Oxford,
来源
International Journal of Information Security | 2016年 / 15卷
关键词
Formal analysis; ISO; Protocol standards; Security protocols;
D O I
暂无
中图分类号
学科分类号
摘要
We provide the first systematic analysis of the ISO/IEC 11770 standard for key management techniques (2009, 2009), which describes a set of key establishment, key agreement, and key transport protocols. We analyse the claimed security properties, as well as additional modern requirements on key management protocols, for over 30 protocols and their variants. Our formal, tool-supported analysis of the protocols uncovers several incorrect claims in the standard. We provide concrete suggestions for improving the standard.
引用
收藏
页码:659 / 673
页数:14
相关论文
共 50 条
  • [21] AI techniques for functional Safety Application example based on IEC 61508 and ISO 26262
    Neumann-Mahlkau, Jan
    Bitner, Arnold
    Grigoleit, Florian
    [J]. ATP MAGAZINE, 2023, (05): : 78 - 87
  • [22] The cloud computing standard ISO/IEC 27018 through the lens of the EU legislation on data protection
    de Hert, Paul
    Papakonstantinou, Vagelis
    Kamara, Irene
    [J]. COMPUTER LAW & SECURITY REVIEW, 2016, 32 (01) : 16 - 30
  • [23] ADOPTION OF ISO 9001 QUALITY MANAGEMENT STANDARD IN AFRICA
    Arana-Landin, German
    Allur, Erlantz
    Heras-Saizarbitoria, Inaki
    [J]. INTERNATIONAL JOURNAL FOR QUALITY RESEARCH, 2014, 8 (01) : 61 - 71
  • [24] Improvement Findings in the Implementation of Software Tests based on the ISO/IEC 29110 Standard: Case Study
    Mejia, Jezreel
    Arroyo-Morales, Luis A.
    Tablada-Dominguez, Antonio
    [J]. 2022 11TH INTERNATIONAL CONFERENCE ON SOFTWARE PROCESS IMPROVEMENT, CIMPS, 2022, : 202 - 211
  • [25] BUSINESS PROJECT MANAGEMENT BASED ON ISO 10006 STANDARD
    Spaho, Kenan
    [J]. TEHNICKI GLASNIK-TECHNICAL JOURNAL, 2014, 8 (01): : 34 - 39
  • [26] Influence of standard ISO 21500 in the management of collaborative networks
    Otero-Mateo, Manuel
    Pastor-Fernandez, Andres
    Portela-Nunez, Jose M.
    [J]. ADVANCES IN MATERIALS PROCESSING TECHNOLOGIES-MESIC V, 2014, 797 : 9 - 14
  • [27] The ISO 31000 standard in supply chain risk management
    de Oliveira, Ualison Rebula
    Silva Marins, Fernando Augusto
    Rocha, Henrique Martins
    Pamplona Salomon, Valerio Antonio
    [J]. JOURNAL OF CLEANER PRODUCTION, 2017, 151 : 616 - 633
  • [28] THEORETICAL AND PRACTICAL CONSIDERATIONS REGARDING THE INFORMATION SECURITY MANAGEMENT SYSTEM WITHIN ORGANIZATIONS IN CONCORDANCE WITH THE NEW INTERNATIONAL STANDARD ISO/IEC 27001:2013
    Tiganoaia, Bogdan
    [J]. GLOBALIZATION AND INTERCULTURAL DIALOGUE: MULTIDISCIPLINARY PERSPECTIVES - ECONOMY AND MANAGEMENT, 2014, : 62 - 68
  • [29] INTEGRATION OF THE GDPR REQUIREMENTS INTO THE REQUIREMENTS OF THE SR EN ISO/IEC 27001:2018 STANDARD, INTEGRATION SECURITY MANAGEMENT SYSTEM IN A SOFTWARE DEVELOPMENT COMPANY
    Gaspar, Mirabela Luciana
    Popescu, Sorin Gabriel
    [J]. ACTA TECHNICA NAPOCENSIS SERIES-APPLIED MATHEMATICS MECHANICS AND ENGINEERING, 2018, 61 (03): : 85 - 96
  • [30] Reconciliation of scrum and the project management process of the ISO/IEC 29110 standard-Entry profile-an experimental evaluation through usability measures
    Galvan-Cruz, Sergio
    Mora, Manuel
    Laporte, Claude Y.
    Duran-Limon, Hector
    [J]. SOFTWARE QUALITY JOURNAL, 2021, 29 (02) : 239 - 273
12345