Abstract
Formal methods are natural extensions to informal ones that have been used to analyze cryptographic protocols. First, some famous formalisms such as BAN logic, model checking and strand space are briefly introduced; then a belief multiset formalism is put forward based on the trusted freshness notion in Chapters 4, 5 and also 6, and the formalism is simple and precise for automation of security analysis.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Mao W (2004) Modern Cryptography: Theory and Practice. Prentice Hall, New Jersey
Menezes A, van Oorschot P, Vanstone S (1996) Handbook of Applied Cryptography. CRC Press, New York
Goldreich O (2003) Foundations of Cryptography. Cambridge University Press, New York
Burrows M, Abadi M, Needham R (1990) A Logic of Authentication. ACM Transactions on Computer Systems 8(1): 18–36
Lowe G (1999) Towards a Completeness Result for Model Checking of Security Protocols. Journal of Computer Security 7(2–3): 89–146
Fabrega FJT, Herzog JC, Guttman JD (1998) Strand Spaces: Why is a Security Protocol Correct? In: Proceedings of IEEE Symposium on Security and Privacy, Oakland, 3–6 May 1998
Needham RM, Schroeder MD (1978) Using Encryption for Authentication in Large Network of Computers. Communication of the ACM 21(12): 993–999
Zhang YQ (2000) Study on Analysis of Security Protocols of Computer Communication Network. PhD Dissertation (in Chinese), XIDIAN University
Gong L, Needham R, Yahalom R (1990) Reasoning About Belief in Cryptographic Protocols. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, Oakland, 7–9 May 1990
Abadi M, Tuttle MR (1991) A Semantics for a Logic of Authentication. In: Proceedings of the 10th ACM Symposium on Principles of Distributed Computing, Montreal, 19–21 Aug 1991
Syverson PF, Oorschot PCV (1994) On Unifying Some Cryptographic Protocol Logics. In: Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, Oakland, 16–18 May 1994
Lowe G (1996) Breaking and Fixing the Needham-Schroeder Public-key Protocol Using FDR. In: TACAS’96 Proceedings of the 12th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, Passau, 27–29 Mar 1996. Lecture Notes in Computer Science (Lecture Notes in Software Configuration Management), vol 1055. Springer, Heidelberg, pp 147–166
Millen JK, Clark SC, Freedman SB (1987) The Interrogator: Protocol Security Analysis. IEEE Trans. Software Eng. 13(2): 274–288
Mitchell JC, Mitchell M, Stern U (1997) Automated Analysis of Cryptographic Protocols Using Mur?. In: Proceedings of 1997 IEEE Symposium on Security and Privacy, Oakland, 4–7 May 1997
Meadows C (1994) A Model of Computation for the NRL Protocol Analyzer. In: Proceedings of the 1994 Computer Security FoundationsWorkshop, Franconia, 14–16 June 1994
Meadows C (1996) The NRL Protocol Analyzer: an Overview. Journal of Logic Programming 26(2): 113–131
Meadows C (1999) Analysis of the Internet key Exchange Protocol Using the NRL Protocol Analyzer. In: Proceedings of 1999 IEEE Symposium on Security and Privacy, Oakland, 9–12 May 1999
Fabrega FJT, Herzog JC, Guttman JD (1999) Mixed Strand Spaces. In: Proceedings of the 12th IEEE Computer Security Foundations Workshop, Mordano, 28–30 June 1999
Song D, Berezin S, Perrig A (2001) Athena: A Novel Approach to Efficient Automatic Security Protocol Analysis. Journal of Computer Security 9(1–2): 47–74
Dong L (2008) Cryptographic Protocol Engineering and Protocol Security Based on Trusted Freshness. PhD Dissertation (in Chinese), Shanghai Jiaotong University
Chen K, Dong L, Lai X (2008) Security Analysis of Cryptographic Protocols Based on Trusted Freshness. Journal of Korea Institute of Information Security and Cryptology, 18(6B): 1–13
Dong L, Chen K, Lai X (2009) Belief Multisets for Cryptographic Protocol Analysis. Journal of Software 20(11): 3060–3076 (in Chinese)
Dong L, Chen K, Lai X, Wen M (2009) When is a Key Establishment Protocol Correct? Security and Communication Networks, 2(6): 567–579
Otway D, Rees O (1987) Efficient and Timely Mutual Authentication. Operating Systems Review 21(1): 8–10
Abadi M, Needham R (1996) Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering 22(1): 6–15
Denning DE, Sacco GM (1981) Timestamps in Key Distribution Protocols. Communication of the ACM 24(8): 533–536
Lowe G (1995) An Attack on the Needham-Schroeder Public Key Authentication Protocol. Information Processing Letters 56(3): 131–133
ANSI/IEEE Std 802.11. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. Sept 1999
Furqan Z, Muhammad S, Guha RK (2006) Formal Verification of 802.11i Using Strand Space Formalism. In: IEEE Proceedings of ICNICONSMCL’2006, Morne, 23–29 Apr 2006. IEEE Press, pp 140–140
Sithirasenan E, Zafar S, Muthukkumarasamy V (2006) Formal Verification of the IEEE 802.11i WLAN Security Protocol. In: IEEE Proceedings of ASWEC’2006, Sydney, 18–21 Apr 2006. IEEE Press, pp 181–190
Brown B (2003) 802.11: The Security Differences Between b and i. IEEE Potentials 22(4): 23–27
IEEE Std 802.11i-2004. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Medium Access Control (MAC) Security Enhancements. July 2004
IEEE Std 802.1X. Port-based Network Access Control. New York: IEEE Press, 2001
IEEE Std EAP-2004. Extensible Authentication Protocol (EAP). New York: IEEE Press, June 2004
He C, Mitchell JC (2004) Analysis of the 802.11i 4-Way Handshake. In: Proceedings of the 3rd ACMWorkshop on Wireless security (Wise’04), Philadelphia, 1 Oct 2004. pp 43–50
Chen JC, Jiang MC, Liu YW (2005) Wireless Lan Security and IEEE 802.11i. IEEE Wireless Communications 12(1): 27–36
Guttman JD, Thayer F (2000) Authentication Tests. In: Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, 14–17 May 2000
Bellare M, Rogaway P (1993) Entity Authentication and Key Distribution. In: CRYPTO’93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, 22–26 Aug 1993. Lecture Notes in Computer Science, vol 773. Springer-Verlag, pp 232–249
Canetti R, Krawczy H (2001) Analysis of Key-exchange Protocols and Their Use for Building Secure Channels. In: EUROCRYPT’01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, Innsbruck, 6–10 May 2001. Lecture Notes in Computer Science, vol 2045. Springer-Verlag, pp 453–474
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2012 Higher Education Press, Beijing and Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Dong, L., Chen, K. (2012). Formalism of Protocol Security Analysis. In: Cryptographic Protocol. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24073-7_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-24073-7_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24072-0
Online ISBN: 978-3-642-24073-7
eBook Packages: Computer ScienceComputer Science (R0)