Authors: Dania Aljeaid, Xiaoqi Ma and Caroline Langensiepen
This paper presents a Petri net (PN) approach to modelling, simulating, and analysing the new protocol we have proposed. This new protocol is an enhanced authentication scheme based on a biometric verification mechanism and identity based cryptography. A formal approach like Petri nets allows oneto represent cryptographic protocols. For the sake of simplicity, a complex PN model will not be discussed in this paper until all attacks are demonstrated and the model proved to be secure. This paper shows how Petri nets are used to model, analyse and detect flaws in our new protocol. First, our proposed protocol is modelled without an adversary, and then a generic adversary model is added to examine all possible adversary behaviours. Finally we demonstrate how Petri nets can be used to analyse security threats such as man-in-the-middle attack, reflection attack, and parallel session attack on this protocol.
Keywords: identity-based cryptosystem; biometrics; security analysis; cryptographic protocol; Petri nets.