Abstract
In this paper, we generalise and fully automate the data independence techniques developed in [16,17] for the analysis of security protocols. In [17], we successfully applied these techniques to a series of case studies; however, our scripts were carefully crafted by hand to suit each case study, a rather time-consuming and error-prone task. We have fully automated the data independence techniques by incorporating them into Casper, which hides their complexity from the user and makes them much more accessible.
The authors received support from DERA Malvern and the US Office of Naval Research for the work reported in this paper.
References
[1] Burrows, M., Abadi, M., Needham, R.: A Logic of Authentication. In: Proceedings of the Royal Society of London A, vol. 426, pp. 233–271 (1989)
[2] Formal Systems (Europe) Ltd: Failures-Divergences Refinement: FDR2 Manual (1997)
[3] Hui, M., Lowe, G.: Fault-Preserving Simplifying Transformations for Security Protocols (2000) (submitted for publication)
[4] Lazić, R.S.: A semantic study of data-independence with applications to the mechanical verification of concurrent systems. Oxford University D.Phil thesis (1998)
[5] Lazić, R.S., Roscoe, A.W.: Using logical relations for automated verification of data-independent CSP. In: Proceedings of the Workshop on Automated Formal Methods, Electronic Notes in Theoretical Computer Science, Oxford, U.K., vol. 5 (1997)
[6] Lazić, R.S., Roscoe, A.W.: Verifying determinism of data-independent systems with labellings, arrays and constants. In: Proceedings of INFINITY (1998)
[7] Lazić, R.S., Nowak, D.: A Unifying Approach to Data-independence. In: Proceedings of the 11th International Conference on Concurrency Theory (2000)
[8] Lowe, G.: An Attack on the Needham-Schroeder Public-Key Authentication Protocol. Information Processing Letters 56, 131–133 (1995)
[9] Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055. Springer, Heidelberg (1996)
[10] Lowe, G.: Casper: a compiler for the analysis of security protocols. In: Proceedings of 1997 IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos (1997)
[11] Lowe, G.: A hierarchy of authentication specifications. In: Proceedings of 1997 IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos (1997)
[12] Lowe, G., Roscoe, A.W.: Using CSP to detect errors in the TMN protocol. IEEE Transactions on Software Engineering 23(10), 659–669 (1997)
[13] Marrero, W., Clarke, E., Jha, S.: A Model Checker for Authentication Protocols. In: Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols (1997)
[14] Mitchell, J.C., Mitchell, M., Stern, U.: Automated Analysis of Cryptographic Protocols Using Murφ. In: IEEE Symposium on Security and Privacy, pp. 141–151 (1997)
[15] Roscoe, A.W.: The theory and practice of concurrency. Prentice-Hall, Englewood Cliffs (1998)
[16] Roscoe, A.W.: Proving security protocols with model checkers by data independence techniques. In: Proceedings of the 11th IEEE Computer Security Foundations Workshop (1998)
[17] Roscoe, A.W., Broadfoot, P.J.: Proving security protocols with model checkers by data independence techniques. Journal of Computer Security. Special Issue CSFW11, 147–190 (1999)
[18] Shmatikov, V., Stern, U.: Efficient Finite-State Analysis for Large Security Protocols. In: Proceedings of the 11th IEEE Computer Security Foundations Workshop (1998)
[19] Syverson, P.: A Taxonomy of Replay Attacks. In: Proceedings of the 7th IEEE Computer Security Foundations Workshop, pp. 131–136 (1994)
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Broadfoot, P.J., Lowe, G., Roscoe, A.W. (2000). Automating Data Independence. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds) Computer Security - ESORICS 2000. ESORICS 2000. Lecture Notes in Computer Science, vol 1895. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10722599_11
DOI: https://doi.org/10.1007/10722599_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41031-7
Online ISBN: 978-3-540-45299-7
eBook Packages: Springer Book Archive