Formal semantics for authentication logics
We present a new BAN-like logic and a new formal semantics for logics of authentication. The main focus of this paper is on the foundation of this logic by a possible-worlds semantics. The logic was designed for implementation in the tool AUTLOG and is able to handle most kinds of protocols used in practice. The underlying logic is a K45-logic, including negation. We replace the critical idealization step by changing the set of premises. The formal semantics enables us to detect flaws in previous logics. We apply the logic to a new authentication protocol designed for UMTS.
Key wordsFormal verification logic of authentication cryptographic protocols key management
Unable to display preview. Download preview PDF.
- 1.M. Abadi, M. Tuttle, “A Semantics for a Logic of Authentication,” Proc. of the ACM Symposium of Principles of Distributed Computing, 1991, 201–216.Google Scholar
- 2.M. Burrows, M. Abadi, R. Needham, A Logic of Authentication, Report 39 Digital Systems Research Center, Pao Alto, California, 1989.Google Scholar
- 3.Chellas, Modal Logic, Cambridge University Press, Cambridge, England, 1980.Google Scholar
- 4.L. Chen, D. Gollmann, Y. Han, C. Mitchell, Formal Verification of a Mutual Authentication Protocol, Royal Holloway, University of London 3GS3/IREP/ RHUL/032/A(draft), 1995.Google Scholar
- 5.R. Fagin, J. Halpern, Y. Moses, M. Vardi, Reasoning about knowledge, MIT Press, Cambridge, Mass., 1995.Google Scholar
- 6.L. Gong, R. Needham, R. Yahalom, “Reasoning about Belief in Cryptographic Protocols,” Proc. of the 1990 IEEE Symp. on Research in Security and Privacy, 234–248.Google Scholar
- 7.V. Kessler, G. Wedel, “AUTLOG — An Advanced Logic of Authentication,” Proc. of the Computer Security Foundations Workshop VII, Franconia, IEEE Computer Society Press 1994, 90–99.Google Scholar
- 8.ETSI SMG/SG/TD 73/95 Protocols for UMTS Providing Mutual Authentication and Key Establishment Using Asymmetric Techniques.Google Scholar
- 9.P. Syverson, P. van Oorschot, “On Unifying Some Cryptographic Protocol Logics”, Proc. of the IEEE Computer Society Symp. on Security and Privacy 1994, 14–28.Google Scholar
- 10.P. Syverson, P. van Oorschot, A Unified Cryptographic Protocol Logic, Unpublished preprint, March 1996.Google Scholar
- 11.G. Wedel, Formale Semantik für Authentifikationslogiken, Diplomarbeit FB Mathematik der RWTH Aachen, Nov. 1995.Google Scholar