Formal Aspects of Security

Volume 2629 of the series Lecture Notes in Computer Science pp 4-14

Verifying the SET Protocol: Overview

  • Lawrence C. PaulsonAffiliated withComputer Laboratory, University of Cambridge

* Final gross prices may vary according to local VAT.

Get Access


The project to verify SET, an e-commerce protocol, is described. The main tasks are to comprehend the written documentation, to produce an accurate formal model, to identify specific protocol goals, and finally to prove them. The main obstacles are the protocol’s complexity (due in part to its use of digital envelopes) and its unusual goals involving partial information sharing. Brief examples are taken from the registration and purchase phases. The protocol does not completely satisfy its goals, but only minor flaws have been found. The primary outcome of the project is experience with handling enormous and complicated protocols.