Abstract
Cryptographic protocol designers work incrementally. Having achieved some goals for confidentiality and authentication in a protocol Π1, they transform it to a richer Π2 to achieve new goals.
But do the original goals still hold? More precisely, if a goal formula Γ holds whenever Π1 runs against an adversary, does a translation of Γ hold whenever Π2 runs against it?
We prove that a transformation preserves goal formulas if a labeled transition system for analyzing Π1 simulates a portion of an lts for analyzing Π2, while preserving progress in that portion.
Thus, we examine the process of analyzing a protocol Π. We use ltss that describe our activity when analyzing Π, not that of the principals executing Π. Each analysis step considers—for an observed message reception—what earlier transmissions would explain it. The lts then contains a transition from a fragmentary execution containing the reception to a richer one containing an explaining transmission. The strand space protocol analysis tool cpsa generates some of the ltss used.
Supported by the National Science Foundation under grant CNS-0952287.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
Cite this paper
Guttman, J.D. (2012). Security Goals and Protocol Transformations. In: Mödersheim, S., Palamidessi, C. (eds) Theory of Security and Applications. TOSCA 2011. Lecture Notes in Computer Science, vol 6993. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27375-9_8
DOI: https://doi.org/10.1007/978-3-642-27375-9_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27374-2
Online ISBN: 978-3-642-27375-9