Mechanising a Protocol for Smart Cards

  • Giampaolo Bella
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2140)


Paulson’s Inductive Approach for verifying traditional cryptographic protocols is tailored to those where agents make use of smart cards. An intruder can actively exploit other agents’ cards, which can be stolen or cloned. The approach is demonstrated on the Shoup-Rubin protocol, which is modelled and verified thoroughly. The protocol achieves strong goals of confidentiality, authentication and key distribution. However, our proofs highlight that a few messages require additional explicitness in order to guarantee those goals to the peers when the cards’ data buses are unreliable.


smart card protocols Inductive Approach confidentiality authentication key distribution 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M. Abadi and R. M. Needham. Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering, 22(1):6–15, January 1996.Google Scholar
  2. 2.
    R. J. Anderson and M. J. Kuhn. Low Cost Attacks on Tamper Resistant Devices. In M. e. a. Lomas, editor, Proc. of the 5th International Workshop on Security Protocols, LNCS 1361, pages 125–136. Springer-Verlag, 1997.Google Scholar
  3. 3.
    G. Bella. Message Reception in the Inductive Approach. Research Report 460, University of Cambridge — Computer Laboratory, 1999.Google Scholar
  4. 4.
    G. Bella. Modelling Agents’ Knowledge Inductively. In Proc. of the 7th International Workshop on Security Protocols, LNCS 1796. Springer-Verlag, 1999.Google Scholar
  5. 5.
    G. Bella. Inductive Verification of Cryptographic Protocols. PhD thesis, University of Cambridge, Computer Laboratory, 2000. Research Report 493.Google Scholar
  6. 6.
    G. Bella and L. C. Paulson. Are Timestamps Worth the Effort? A Formal Treatment. Research Report 447, University of Cambridge — Computer Laboratory, 1998.Google Scholar
  7. 7.
    G. Bella and L. C. Paulson. Kerberos Version IV: Inductive Analysis of the Secrecy Goals. In J.-J. Quisquater, Y. Desware, C. Meadows, and D. Gollmann, editors, Proc. of the 5th European Symposium on Research in Computer Security (ESORICS’98), LNCS 1485, pages 361–375. Springer-Verlag, 1998.Google Scholar
  8. 8.
    G. Bella and L. C. Paulson. Mechanising BAN Kerberos by the Inductive Method. In A. J. Hu and M. Y. Vardi, editors, Proc. of the International Conference on Computer-Aided Verification (CAV’98), LNCS 1427, pages 416–427. Springer-Verlag, 1998.CrossRefGoogle Scholar
  9. 9.
    R. Jerdonek, P. Honeyman, K. Coffman, J. Rees, and K. Wheeler. Implementation of a Provably Secure, Smartcard-based Key Distribution Protocol. In J.-J. Quisquater and B. Schneier, editors, Proc. of the 3rd Smart Card Research and Advanced Application Conference (CARDIS’98), 1998.Google Scholar
  10. 10.
    T. Leighton and S. Micali. Secret-key Agreement without Public-key Cryptography. In D. R. Stinson, editor, Proc. of Advances in Cryptography — CRYPTO’93, LNCS 773, pages 456–479. Springer-Verlag, 1993.Google Scholar
  11. 11.
    L. C. Paulson. Isabelle: A Generic Theorem Prover. LNCS 828. Springer-Verlag, 1994.zbMATHGoogle Scholar
  12. 12.
    L. C. Paulson. The Inductive Approach to Verifying Cryptographic Protocols. Journal of Computer Security, 6:85–128, 1998.Google Scholar
  13. 13.
    P. Y. A. Ryan and S. A. Schneider. The Modelling and Analysis of Security Protocols: the CSP Approach. Addison-Wesley, 2000.Google Scholar
  14. 14.
    V. Shoup and A. Rubin. Session Key Distribution using Smart Cards. In U. Maurer, editor, Advances in Cryptology — Eurocrypt’96, LNCS 1070, pages 321–331. Springer-Verlag, 1996.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Giampaolo Bella
    • 1
    • 2
  1. 1.Computer LaboratoryUniversity of CambridgeCambridgeUK
  2. 2.Dipartimento di Matematica e InformaticaUniversità di CataniaCataniaItaly

Personalised recommendations