
Automated Analysis of Infinite Scenarios

  • Conference paper
Trustworthy Global Computing (TGC 2005)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 3705)


Abstract

The security of a network protocol crucially relies on the scenario in which the protocol is deployed. This paper describes syntactic constructs for modelling network scenarios and presents an automated analysis tool, which can guarantee that security properties hold in all of the (infinitely many) instances of a scenario. The tool is based on control flow analysis of the process calculus LySa and is applied to the Bauer, Berson, and Feiertag protocol, where it reveals a previously undocumented problem, which occurs in some scenarios but not in others.

An erratum to this chapter can be found at http://dx.doi.org/10.1007/11580850_20 .




Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Buchholtz, M. (2005). Automated Analysis of Infinite Scenarios. In: De Nicola, R., Sangiorgi, D. (eds) Trustworthy Global Computing. TGC 2005. Lecture Notes in Computer Science, vol 3705. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11580850_18


  • DOI: https://doi.org/10.1007/11580850_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30007-6

  • Online ISBN: 978-3-540-31483-7

  • eBook Packages: Computer Science (R0)
