Abstract
A new semantic model in Abstract State Model (ASM) for authentication protocols is presented. It highlights Woo and Lam's ideas for authentication, which is the strongest one in Lowe's definition hierarchy for entity authentication. Apart from the flexible and natural features for forming and analyzing protocols inherited from ASM, the model defines both authentication and secrecy properties explicitly as invariants in first-order sentences. The process of proving the security properties of an authentication protocol blends the correctness and secrecy properties together, avoiding the potential flaws that may arise when they are treated separately. The security of the revised Helsinki protocol is shown as a case study. The new model differs from the previous ones in ASMs.
References
Meadows C A. Formal verification of cryptographic protocols: A survey. In ASIACRYPT: International Conference on the Theory and Application of Cryptology, Wollongong, Australia, LNCS 917, Springer-Verlag, 1994, pp.133–150.
Burrows M, Abadi M, Needham R. A logic of authentication. ACM Trans. Computer Systems, February 1990, 8: 18–36.
Meadows C. Invariant generation techniques in cryptographic protocol analysis. In the 13th Computer Security Foundations Workshop, IEEE Computer Society, Cambridge, England, July 2000, pp.159–167.
Meadows C. Language generation and verification in the NRL protocol analyzer. In 9th IEEE Computer Security Foundations Workshop, IEEE Computer Society, Kenmare, Ireland, 1996, pp.48–61.
Schneider S. Verifying authentication protocols with CSP. In The 10th Computer Security Foundations Workshop, Cambridge, England, IEEE Computer Society, June 1997, pp.1–15.
Thayer J, Herzog J, Guttman J. Honest ideals on strand spaces. In 11th IEEE Computer Security Foundations Workshop, IEEE Computer Society, Rockport, Massachusetts, USA, 1998, pp.66–78.
Paulson L. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 1998, 6(1): 85–128.
Canetti R. Universally composable security: A new paradigm for cryptographic protocols. In Proc. 42nd FOCS, Las Vegas, Nevada, IEEE, October 2001, pp.136–145.
Woo T Y C, Lam S S. A semantic model for authentication protocols. In IEEE Symposium on Research in Security and Privacy, Oakland, May 1993, pp.178–194.
Bella G, Riccobene E. Formal analysis of the kerberos authentication system. Journal of Universal Computer Science, December 1997, 3: 1337–1381.
Bella G, Riccobene E. A realistic environment for crypto-protocol analysis by ASMs. In Proc. INFORMATIK'98, 5th International Workshop on Abstract State Machines, Glasser U (ed.), Magdeburg, Germany, September 1998, pp.127–138.
Gurevich Y. Evolving algebra 1993: Lipari guide. In Specification and Validation Methods. London: Oxford University Press, 1995, pp.9–36.
Gurevich Y. May 1997 draft of the ASM guide. Technical Report CSE-TR-336-97, University of Michigan, EECS Department, 1997.
Börger E. High level system design and analysis using abstract state machines. LNCS 1641, Berlin, Heidelberg, New York: Springer-Verlag, 1999, pp.1–43.
Woo T Y C, Lam S S. Verifying authentication protocols: Methodology and example. In IEEE Int. Conf. Network Protocols, San Francisco, Oct. 1993, pp.36–45.
Lowe G. A hierarchy of authentication specifications. In 10th Computer Security Foundations Workshop, Cambridge, England, IEEE Computer Society Press, 1997, pp.31–43.
I. 2nd DIS 11770-3. Key management-part 3: Mechanisms using asymmetric techniques. 1997.
Horng G, Hsu C. Weakness in the Helsinki protocol. Electronic Letters, 1998, 34(4): 354–355.
Song D. Athena: A new efficient automatic checker for security protocol analysis. In 12th IEEE Computer Security Foundations Workshop, IEEE Computer Society, Mordano, Italy, 1999, pp.192–202.
Canetti R. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 2000, 13(1): 143–202.
Mitchell C J, Yeun C Y. Fixing a problem in the Helsinki protocol. ACM Operating System Review, 1998, 32(4): 21–24.
Lowe G. An attack on the Needham-Schroeder public key authentication protocol. Information Processing Letters, 1995, 56(3): 131–136.
Additional information
Supported partially by the National Natural Science Foundation of China under Grant No. 60373048 and No. 60273027, the National High Technology Development 863 Program of China under Grant No.2002AA144050, and the National Grand Fundamental Research 973 Program of China under Grant No. G1999035802. The second author is also supported by the Foundation for Extraordinary Young Researchers under Grant No. 60025205.
Rui Xue received his Ph.D. degree in 1999 from Beijing Normal University. He is currently a research professor at the State Key Laboratory of Information Security, Institute of Software, The Chinese Academy of Sciences. His research interests include cryptographic protocol analysis, computational cryptography, and formal methods in cryptography and computer science.
Deng-Guo Feng received his Ph.D. degree in June 1995. He is now a professor and adviser of doctoral candidates in the Institute of Software, The Chinese Academy of Sciences. He is also the director of the State Key Laboratory of Information Security (SKLOIS) and the director of the National Computer Network Intrusion Protection Center (NCNIPC). Currently, he is mainly engaged in the research and development of information and network security.
Cite this article
Xue, R., Feng, DG. New semantic model for authentication protocols in ASMs. J. Compt. Sci. & Technol. 19, 555–563 (2004). https://doi.org/10.1007/BF02944758
DOI: https://doi.org/10.1007/BF02944758