A Type and Effect Analysis of Security Protocols

  • Andrew D. Gordon
  • Alan Jeffrey
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2126)


We propose a new method to check authenticity properties of cryptographic protocols. First, code up the protocol in the spi-calculus of Abadi and Gordon. Second, specify authenticity properties by annotating the code with correspondence assertions in the style of Woo and Lam. Third, figure out types for the keys, nonces, and messages of the protocol. Fourth, check that the spi-calculus code is well-typed according to a novel type and effect system. Our main theorem guarantees that any well-typed protocol is robustly safe, that is, its correspondence assertions are true in the presence of any opponent expressible in spi. It is feasible to apply this method by hand to several well-known cryptographic protocols. It requires little human effort per protocol, puts no bound on the size of the opponent, and requires no state space enumeration. Moreover, the types for protocol data provide some intuitive explanation of how the protocol works. Our method has led us to the independent rediscovery of flaws in existing protocols and to the design of improved protocols. My talk will describe our method and give some simple examples. Papers describing the method in detail appear elsewhere [1,2].


IEEE Computer Society Security Protocol Computer Security Cryptographic Protocol Intuitive Explanation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    A.D. Gordon and A. Jeffrey. Authenticity by typing for security protocols. In 14th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, 2001. To appear.Google Scholar
  2. 2.
    A.D. Gordon and A. Jeffrey. Typing correspondence assertions for communication protocols. In Mathematical Foundations of Programming Semantics 17, Electronic Notes in Theoretical Computer Science. Elsevier, 2001. To appear.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Andrew D. Gordon
    • 1
  • Alan Jeffrey
    • 2
  1. 1.Microsoft ResearchUSA
  2. 2.DePaul UniversityUSA

Personalised recommendations