Ceremony analysis : strengths and weaknesses

Radke, Kenneth, Boyd, Colin, Gonzalez Nieto, Juan M., & Brereton, Margot (2011) Ceremony analysis : strengths and weaknesses. In Future Challenges in Security and Privacy for Academia and Industry : 26th IFIP TC 11 International Information Security Conference (SEC 2011) Proceedings, Springer, Lucerne University of Applied Sciences and Arts, Luzern, pp. 104-115.

Camera Ready Version (PDF 518kB)
Accepted Version.

View at publisher


We investigate known security flaws in the context of security ceremonies to gain an understanding of the ceremony analysis process. The term security ceremonies is used to describe a system of protocols and humans which interact for a specific purpose. Security ceremonies and ceremony analysis is an area of research in its infancy, and we explore the basic principles involved to better understand the issues involved.We analyse three ceremonies, HTTPS, EMV and Opera Mini, and use the information gained from the experience to establish a list of typical flaws in ceremonies. Finally, we use that list to analyse a protocol proven secure for human use. This leads to a realisation of the strengths and weaknesses of ceremony analysis.

Impact and interest:

10 citations in Scopus
5 citations in Web of Science®
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

185 since deposited on 06 Jul 2011
23 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 42327
Item Type: Conference Paper
Refereed: Yes
Keywords: Ceremony, Security, Privacy, Provable Security, Humans, EMV, HTTPS, Opera Mini
DOI: 10.1007/978-3-642-21424-0_9
ISBN: 9783642214233
ISSN: 1868-4238
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Encryption (080402)
Divisions: Past > QUT Faculties & Divisions > Faculty of Built Environment and Engineering
Past > Institutes > Information Security Institute
Copyright Owner: Copyright 2011 IFIP International Federation for Information Processing
Deposited On: 06 Jul 2011 01:15
Last Modified: 15 Dec 2011 04:29

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page