Human Errors in Secure Communication Protocols
Abstract. We propose a formal model to analyze security protocols with human interaction. We model humans with no knowledge about the protocol and allow an adversary to perform an attack which covers all human errors. We then consider two types of countermeasures. The first type expresses that a human has at least some knowledge about the protocol and will do the known parts correctly. The second type of countermeasures changes a given protocol to be more robust against attacks, such that stronger security properties are achieved with the same assumptions on the human. Further, we introduce hierarchies to compare the human knowledge necessary in different security protocols to achieve the security goals.