The Verifiability of Two-Party Protocols
Public key encryption as used in network communication has been investigated extensively. The main advantage of the techniques developed in this a rea is the potential for secure communication. However, while public key systems are often effective in preventing a passive saboteur from deciphering an intercepted message, protocols must be designed to be secure when dealing with saboteurs who can impersonate users or send copies of intercepted messages on the public channel. Dolev and Yao  have shown how informal arguments about protocols can lead to erroneous conclusions, and they have developed formal models of two-party protocols, both cascade protocols and name-stamp protocols. Recall that a protocol is a set of rules that specify what operators a pair of users, the sender and the receiver, need to apply in an exchange of messages for the purpose of transmitting a given plaintext message from the sender to the receiver. In terms of their models, Dolev and Yao developed an elegant characterization of cascade protocols that are secure, a characterization with conditions that can be checked by inspection.
- 1.R.V. Book and F. Otto, On the security of name-stamp protocols, Theoret. Comput. Sci. 40 (1985), to appear.Google Scholar