Advertisement

Typing One-to-One and One-to-Many Correspondences in Security Protocols

  • Andrew D. Gordon
  • Alan Jefrey
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2609)

Abstract

Both one-to-one and one-to-many correspondences between events, sometimes known as injective and non-injective agreements, respectively, are widely used to specify correctness properties of cryptographic protocols. In earlier work, we showed how to typecheck one-to-one correspondences for protocols expressed in the spi-calculus. We present a new type and e.ect system able to verify both one-to-one and one-to-many correspondences.

Keywords

IEEE Computer Society Type System Operational Semantic Security Protocol Cryptographic Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [AB01]
    M. Abadi and B. Blanchet. Secrecy types for asymmetric communication. In Foundations of Software Science and Computation Structures, volume 2030 of Lecture Notes in Computer Science, pages 25–41. Springer, 2001.CrossRefGoogle Scholar
  2. [Aba99]
    M. Abadi. Secrecy by typing in security protocols. Journal of the ACM, 46(5):749–786, September 1999.zbMATHCrossRefMathSciNetGoogle Scholar
  3. [AFG98]
    M. Abadi, C. Fournet, and G. Gonthier. Secure communications implementation of channel abstractions. In 13th IEEE Symposium on Logic in Computer Science (LICS’98), pages 105–116, 1998.Google Scholar
  4. [AFG00]
    M. Abadi, C. Fournet, and G. Gonthier. Authentication primitives and their compilation. In 27th ACM Symposium on Principles of Programming Languages (POPL’00), pages 302–315, 2000.Google Scholar
  5. [AG99]
    M. Abadi and A.D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148:1–70, 1999.zbMATHCrossRefMathSciNetGoogle Scholar
  6. [AN95]
    R. Anderson and R. Needham. Programming Satan’s computer. In J. van Leeuwen, editor, Computer Science Today: Recent Trends and Developments, volume 1000 of Lecture Notes in Computer Science, pages 426–440. Springer, 1995.Google Scholar
  7. [BAN89]
    M. Burrows, M. Abadi, and R.M. Needham. A logic of authentication. Proceedings of the Royal Society of London A, 426:233–271, 1989.Google Scholar
  8. [BCJS02]
    F. Butler, I. Cervesato, A.D. Jaggard, and A. Scedrov. A formal analysis of some properties of Kerberos 5 using MSR. In 15th IEEE Computer Security Foundations Workshop, pages 175–190. IEEE Computer Society Press, 2002.Google Scholar
  9. [Bla02]
    B. Blanchet. From secrecy to authenticity in security protocols. In 9th International Static Analysis Symposium (SAS’02), volume 2477 of Lecture Notes in Computer Science, pages 242–259. Springer, 2002.Google Scholar
  10. [Cer01]
    I. Cervesato. Typed MSR: Syntax and examples. In First International Workshop on Mathematical Methods, Models and Architectures for Computer Network Security, volume 2052 of Lecture Notes in Computer Science, pages 159–177. Springer, 2001.Google Scholar
  11. [Dug02]
    D. Duggan. Cryptographic types. In 15th IEEE Computer Security Foundations Workshop, pages 238–252. IEEE Computer Society Press, 2002.Google Scholar
  12. [DY83]
    D. Dolev and A.C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198–208, 1983.CrossRefMathSciNetGoogle Scholar
  13. [Eng96]
    J. Engelfriet. A multiset semantics for the pi-calculus with replication. Theoretical Computer Science, 153:65–94, 1996.zbMATHCrossRefMathSciNetGoogle Scholar
  14. [FG94]
    R. Focardi and R. Gorrieri. A classi.cation of security properties for process algebra. Journal of Computer Security, 3(1):5–33, 1994.Google Scholar
  15. [FGM00]
    R. Focardi, R. Gorrieri, and F. Martinelli. Message authentication through non-interference. In International Conference on Algebraic Methodology And Software Technology (AMAST2000), volume 1816 of Lecture Notes in Computer Science, pages 258–272. Springer, 2000.Google Scholar
  16. [GJ01a]
    A.D. Gordon and A. Jeffrey. Authenticity by typing for security protocols. In 14th IEEE Computer Security Foundations Workshop, pages 145–159. IEEE Computer Society Press, 2001.Google Scholar
  17. [GJ01b]
    A.D. Gordon and A. Jeffrey. Typing correspondence assertions for communication protocols. In Mathematical Foundations of Programming Semantics 17, volume 45 of Electronic Notes in Theoretical Computer Science. Elsevier, 2001.Google Scholar
  18. [GJ02]
    A.D. Gordon and A. Jeffrey. Types and e.ects for asymmetric cryptographic protocols. In 15th IEEE Computer Security Foundations Workshop, pages 77–91. IEEE Computer Society Press, 2002.Google Scholar
  19. [GL86]
    D.K. Gifford and J.M. Lucassen. Integrating functional and imperative programming. In ACM Conference on Lisp and Functional Programming, pages 28–38, 1986.Google Scholar
  20. [Gol02]
    D. Gollmann. Authentication by correspondence. IEEE Journal on Selected Areas in Communication, 2002. To appear.Google Scholar
  21. [GP02]
    A.D. Gordon and R. Pucella. Validating a web service security abstraction by typing. In ACM Workshop on XML Security, 2002. To appear.Google Scholar
  22. [GT02]
    J.D. Guttman and F.J. Thayer. Authentication tests and the structure of bundles. Theoretical Computer Science, 283(2):333–380, 2002.zbMATHCrossRefMathSciNetGoogle Scholar
  23. [LLL+02]
    B.A. LaMacchia, S. Lange, M. Lyons, R. Martin, and K.T. Price..NET Framework Security. Addison Wesley Professional, 2002.Google Scholar
  24. [Low97]
    G. Lowe. A hierarchy of authentication speci.cations. In 10th IEEE Computer Security Foundations Workshop, pages 31–43. IEEE Computer Society Press, 1997.Google Scholar
  25. [LY97]
    T. Lindholm and F. Yellin. The Java Virtual Machine Speci.cation. Addison-Wesley, 1997.Google Scholar
  26. [Mea96]
    C. Meadows. The NRL Protocol Analyzer: An overview. Journal of Logic Programming, 26(2):113–131, 1996.zbMATHCrossRefGoogle Scholar
  27. [Pau98]
    L.C. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85–128, 1998.Google Scholar
  28. [PS00]
    B. Pierce and E. Sumii. Relating cryptography and polymorphism. Available from the authors, 2000.Google Scholar
  29. [Ros96]
    A.W. Roscoe. Intensional speci.cations of security protocols. In 8th IEEE Computer Security Foundations Workshop, pages 28–38. IEEE Computer Society Press, 1996.Google Scholar
  30. [Sch98]
    S.A. Schneider. Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering, 24(9):741–758, 1998.CrossRefGoogle Scholar
  31. [SM02]
    A. Sabelfeld and A.C. Myers. Language-based information-flow security.IEEE Journal on Selected Areas in Communication, 2002. To appear.Google Scholar
  32. [WL93]
    T.Y.C. Woo and S.S. Lam. A semantic model for authentication protocols. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 178–194, 1993.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Andrew D. Gordon
    • 1
  • Alan Jefrey
    • 2
  1. 1.Microsoft ResearchUSA
  2. 2.DePaul UniversityUSA

Personalised recommendations