
Formalism of Protocol Security Analysis

Chapter in: Cryptographic Protocol

Abstract

Formal methods are natural extensions of the informal methods that have been used to analyze cryptographic protocols. This chapter first briefly introduces some well-known formalisms, such as BAN logic, model checking and strand space. It then puts forward a belief multiset formalism based on the trusted freshness notion of Chapters 4, 5 and 6; this formalism is simple and precise enough to support automated security analysis.




Copyright information

© 2012 Higher Education Press, Beijing and Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Dong, L., Chen, K. (2012). Formalism of Protocol Security Analysis. In: Cryptographic Protocol. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24073-7_7


  • DOI: https://doi.org/10.1007/978-3-642-24073-7_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24072-0

  • Online ISBN: 978-3-642-24073-7

  • eBook Packages: Computer Science (R0)
