Abstract
Channels are an abstraction of the many concrete techniques to enforce particular properties of message transmissions such as encryption. We consider here three basic kinds of channels—authentic, confidential, and secure—where agents may be identified by pseudonyms rather than by their real names. We define the meaning of channels as assumptions, i.e. when a protocol relies on channels with particular properties for the transmission of some of its messages. We also define the meaning of channels as goals, i.e. when a protocol aims at establishing a particular kind of channel. This gives rise to an interesting question: given that we have verified that a protocol P2 provides its goals under the assumption of a particular kind of channel, can we then replace the assumed channel with an arbitrary protocol P1 that provides such a channel? In general, the answer is negative, but we prove that under certain restrictions such a compositionality result is possible.
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Mödersheim, S., Viganò, L. (2009). Secure Pseudonymous Channels. In: Backes, M., Ning, P. (eds) Computer Security – ESORICS 2009. ESORICS 2009. Lecture Notes in Computer Science, vol 5789. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04444-1_21
DOI: https://doi.org/10.1007/978-3-642-04444-1_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04443-4
Online ISBN: 978-3-642-04444-1
eBook Packages: Computer Science (R0)