A New Logic for Electronic Commerce Protocols
The primary objective of this paper is to present the definition of a new dynamic, linear and modal logic for security protocols. The logic is compact, expressive and formal. It allows the specification of classical security properties (authentication, secrecy and integrity) and also electronic commerce properties (non-repudiation, anonymity, good atomicity, money atomicity, certified delivery, etc.). The logic constructs are interpreted over a trace-based model. Traces reflect valid protocol executions in the presence of a malicious smart intruder. The logic is endowed with a tableau-based proof system that leads to a modular denotational semantics.
KeywordsModal Logic Security Protocol Security Property Cryptographic Protocol Denotational Semantic
Unable to display preview. Download preview PDF.
- 1.Martin Abadi and Andrew D. Gordon. A Calculus for Cryptographic Protocols: The Spi Calculus. In Proceedings of the Fourth ACM Conference on Computer and Communications Security. ACM Press, April 1997.Google Scholar
- 2.P. Bieber. A Logic of Communication in a Hostile Environment. In Proceedings of the Computer Security Foundations Workshop III, pages 14–22. IEEE Computer Society Press, 1990.Google Scholar
- 3.Dominique Bolignano. An Approach to the Formal Verification of Cryptographic Protocols. In Proceedings of the Third ACM Conference on Computer and Communications Security, CCS’96, New Delhi, India, pages 106–118. ACM Press, 1996.Google Scholar
- 5.U. Carlsen. Formal Specification and Analysis of Cryptographic Protocols. PhD thesis, Thèse d’Informatique soutenue à l’Université PARIS XI, October 1994.Google Scholar
- 6.C. A. R. Hoare. Communicating Sequential Processes. Prentice Hall, 1985.Google Scholar
- 7.V. Shmatikov J. C. Mitchell and U. Stern. Finite-state analysis of SSL 3.0. In Proceedings of the 7th USENIX Security Symposium (SECURITY-98), pages 201–216, Berkeley, January 26–29, 1998. Usenix Association.Google Scholar
- 8.R. A. Kemmerer. Using Formal Verification Techniques to Analyze Encryption Protocols. In Proceedings of the 1987 IEEE Symposium on Research in Security and Privacy, pages 134–139. IEEE Computer Society Press, 1987.Google Scholar
- 10.Gavin Lowe. Some New Attacks upon Security Protocols. In Proceedings of the Computer Security Foundations Workshop VIII. IEEE Computer Society Press, 1996.Google Scholar
- 11.Einar Snekkenes. Authentication in Open Systems. In 10th IFIP WG 6.1 Symposium on Protocol Specification, Testing and Verification, pages 313–324, June 1990.Google Scholar
- 12.Einar Snekkenes. Formal Specification and Analysis of Cryptographic Protocols. PhD thesis, Faculty of Mathematics and Natural Sciences, University of Oslo, Norwegian Defence Research Establishment, P.O. Box 25, N-2007, Kjeller, Norway, January 1995.Google Scholar
- 13.The commission of the European Communities CEC DG-XIII. Security Investigation Final Report. Technical Report S2011/7000/D010 7000 1000, CEC, September 1993.Google Scholar
- 14.Vijay Varadharajan. Verification of Network Security Protocols. Computers and Security, 8, December 1989.Google Scholar