Article
Peer-Review Record

Formal Analysis of DTLS-SRTP Combined Protocol Based on Logic of Events

Appl. Sci. 2024, 14(5), 1804; https://doi.org/10.3390/app14051804
by Meihua Xiao 1, Yizhou Zhong 1,*, Zehuan Li 1 and Fangping Chen 2
Reviewer 2: Anonymous
Submission received: 15 January 2024 / Revised: 18 February 2024 / Accepted: 20 February 2024 / Published: 22 February 2024

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

To increase the degree of credibility of the proposed method and, implicitly, the scientific value of the work, I recommend the authors:

1. Presentation of detailed information about the usefulness of the method of demonstrating the viability of the combined protocols in order to ensure the security of networks. Possibly, to be exposed and practical ways of checking them.

2. The relief of the results obtained, possibly in a separate section of Results and Discussions, relative to ensuring the security of networks, as a result of the improvements and innovations brought to the theory of the logic of events, on real situations, which allow the demonstration of the improvements brought to the security properties by means of composite protocols such as DTLS-SRTP.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 2 Report

Comments and Suggestions for Authors

Sections 1 and 2 are well-written.

In p. 4 line 143, the Key Axiom needs explanation: what does the first line of the axiom say?

In line 162, what do Gamma1 and Gamma2 mean? Also, the given expressions below need explanation too. In line 167 the use of the word “if” is not clear. In (5), line 171, is any sequential operator used? Here, more explanation is needed. As previously, the statement below line 174 needs further explanation. In line 277, notation << needs explanation. In line 292, >=< needs further explanation. Definitions (10), (11), and (12) need further explanation too. The statements in lines 351 and 352 need further justification. It would improve the description and presentation of your work if you could use a case study.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 3 Report

Comments and Suggestions for Authors

The article needs experiments and results. To test the study on the security analysis of composite protocols, the authors should consider the following:

Create a comprehensive set of test cases that cover various scenarios and edge cases for the selected composite protocols. This should include different combinations of protocols, varying orders of interactions, and different inputs and outputs.

Run the test cases on the implemented method and observe the results. Verify whether the method successfully proves the security of the composite protocols, with a specific focus on the aspects of mutual authentication and confidentiality mentioned in the study.

Evaluate the outcomes of the tests and analyze the effectiveness of the extended Logic of Events Theory in verifying the security of the composite protocols. Assess whether the method provides accurate and reliable results and identify potential limitations or improvement areas.

If available, compare the results of the proposed method with other existing approaches for security analysis of composite protocols. Assess the strengths and weaknesses of each method and determine how the extended Logic of Events Theory compares in terms of accuracy, efficiency, and applicability.

Comments on the Quality of English Language

The English in this section is mostly correct, but the authors can make a few minor errors and improvements. It is recommended to have a native English speaker review the article for further refinement.

 

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Round 2

Reviewer 2 Report

Comments and Suggestions for Authors

All of my comments have been addressed.

Author Response

Thank you for your insightful comment. 

Reviewer 3 Report

Comments and Suggestions for Authors

The idea is commendable. However, the authors must include experimental results along with theoretical proofs. This chapter utilizes an extended LoET approach to provide security proof for the DTLS-SRTP protocol. The analysis of the protocol interaction process, description of the protocol authentication procedure, and formal modeling of the protocol’s primary sequences allow for the proper modeling of both sub-protocols. By deriving formulas, it is demonstrated that the sub-protocols satisfy mutual authentication and confidentiality. The proof results indicate that the DTLS-SRTP protocol is secure under the fulfillment of the underlying assumptions. To compare with LoET, the classic theorem-proving method of Protocol Composition Logic (PCL) has been chosen. 

 

The authors should present a use case in the real world.

Comments on the Quality of English Language

There are typos in the paper.

 

Author Response

Please see the attachment.

Author Response File: Author Response.pdf
