
Typed MSR: Syntax and Examples

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2052)

Abstract

Many design flaws and incorrect analyses of cryptographic protocols can be traced to inadequate specification languages for message components, environment assumptions, and goals. In this paper, we present MSR, a strongly typed specification language for security protocols, which is intended to address the first two issues. Its typing infrastructure, based on the theory of dependent types with subsorting, yields elegant and precise formalizations, and supports a useful array of static checks that include type-checking and access control validation. It uses multiset rewriting rules to express the actions of the protocol. The availability of memory predicates enables it to faithfully encode systems consisting of a collection of coordinated subprotocols, and constraints allow tackling objects belonging to complex interpretation domains, e.g. time stamps, in an abstract and modular way. We apply MSR to the specification of several examples.

Partially supported by NRL under contract N00173-00-C-2086.




Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cervesato, I. (2001). Typed MSR: Syntax and Examples. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds) Information Assurance in Computer Networks. MMM-ACNS 2001. Lecture Notes in Computer Science, vol 2052. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45116-1_18


  • DOI: https://doi.org/10.1007/3-540-45116-1_18


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42103-0

  • Online ISBN: 978-3-540-45116-7

  • eBook Packages: Springer Book Archive
