A New Approach to Reasoning About Accountability in Cryptographic Protocols for E-Commerce

  • Hongxue Wang
  • Vijay Varadharajan
  • Yan Zhang
Part of the Advances in Information Security book series (ADIS, volume 2)


This chapter presents a generic belief logic and demonstrates how it can be used to reason about accountability in cryptographic protocols for electronic commerce. First, we explain why the analysis of accountability properties can be treated in terms of belief. Different from other logics that have been proposed earlier to deal with accountability, our logic uses more general logical terms to deal with accountability, instead of the specific predicate “canprove”. We argue that the essence of accountability is actually the ability to “make” someone “believe” something, and the notion of “make” is just another modal operator in a generic belief logic. We then describe our belief logic and present an axiomatization system for analyzing cryptographic protocols for e-commerce. Finally, we illustrate with two examples how our logic can be used for our intended purpose.


Inference Rule Cryptographic Protocol Computer Security Foundation Workshop Belief Logic Service Acknowledgement 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AT91]
    M. Abadi and M. Tuttle, A semantics for a logic of authentication. In Proceedings of the Tenth ACM Symposium on Principles of Distributed Computing, pp.201–216, 1991.Google Scholar
  2. [B90]
    P. Bieber, A logic of communication in a Hostile Environment. In Proceedings of the Computer Security Foundation Workshop III, pp.14–22, IEEE Computer Society Press, June 1990.CrossRefGoogle Scholar
  3. [B97]
    D. Bolignano, Towards the formal verification of electronic commerce protocols, Proc. of the tenth computer security foundations workshop, pp133–146, Rockport, IEEE Computer Society Press, 1997.Google Scholar
  4. [BAN89]
    M. Burrows, M. Abadi, and R. Needham, A logic of authenti-cation. Research Report 39, Digital Systems Research Centre, 1989.Google Scholar
  5. [C95]
    B. F. Chellas, Modal Logic—an introduction, pp.26, Cambridge University Press, 1995.Google Scholar
  6. [CH73]
    Chin-Liang Chang and Richard Char-Tung Lee, Symbolic Logic and Mathematical Theorem Proving, Academic Press, 1973.Google Scholar
  7. [DS81]
    D.E. Denning and G.M. Sacco. Timestamps in Key distribution protocols. CA CM, vol. 24, No. 8, pp.533–536, August 1981.Google Scholar
  8. [FV95]
    R. Fagin, J.Y. Halpern, Y. Moses, M.Y. Vardi, Reasoning about Knowledge, pp.76–80, The MIT Press, 1995.zbMATHGoogle Scholar
  9. [G90]
    L. Gong, Cryptographic Protocols for Distributed Systems, Ph.D. dissertation, University of Cambridge, April, 1990.Google Scholar
  10. [GNY90]
    L. Gong, R. Needham, and R. Yahalom, Reasoning about belief in cryptographic protocols. In Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp.234–248, 1990.IBM Zurich Research, iKP — a family of secure electronic payment protocols.
  11. [K95]
    R. Kailar, Reasoning about accountability in protocols for electronic commerce, in Proceedings of IEEE Symposium on Security and Privacy, pp.236–250, IEEE Computer Society Press, 1995.Google Scholar
  12. [KN98]
    V. Kessler and H. Neumann, A sound logic for analyzing electronic commerce protocols, Fifth European Symposium on Research in Computer Security: ESORICS 98 (Springer LNCS 1485, 1998), pp345–360, Springer 1998.Google Scholar
  13. [OT94]
    Kevin O’Toole, The Internet Billing Server Transaction Protocol Alternatives, Technical Report INI TR 1994–1, Carnegie Mellon University1994. Scholar
  14. [RSW96]
    R. L. Rivest, A. Shamir, and D. A. Wagner, Time-lock puzzles and timed-release crypto, Technical Report, MIT Laboratory for Computer Science, 1996.Google Scholar
  15. [S90]
    P. Syverson, Formal Semantics for Logics of Cryptographic Protocols, Proceedings of the Computer Security Foundations Workshop III, Franconia, NH June 1990. IEEE CS Press, Los Alamitos CA, 1990.Google Scholar
  16. [SVO94]
    P. Syverson and P.C. Van Oorschot, On unifying some cryptographic protocol logics, In Proceedings of the Computer Security Foundations Workshop VII(CSFW’94), (IEEE), pp.14–28, 1994.Google Scholar
  17. [VO93]
    P.C. Van Oorschot. Extending Cryptographic Logics of Belief to Key Agreement Protocols (Extended Abstract). In proceedings of the first ACM conference on Computer and Communication Security, pages 232–234, November 1993.Google Scholar
  18. [VM96]
    V. Varadharajan and Y. Mu, On the design of secure electronic payment schemes for Internet, in Proceedings of Twelfth Annual Computer Security Applications Conference, pp.78–87. IEEE Computer Society Press, 1996.CrossRefGoogle Scholar
  19. [VWZ00]
    V. Varadharajan, H. Wang and Y. Zhang, Towards a generic logic for the analysis of cryptographic protocols, to appear in Proceedings of the 20th International Conference on Distributed Computing Systems, IEEE Computer Society, April 2000.Google Scholar
  20. [VWZ01]
    V. Varadharajan, H. Wang and Y. Zhang, a generic logic for the analysis of cryptographic protocols, manuscript, 2000.Google Scholar

Copyright information

© Springer Science+Business Media New York 2001

Authors and Affiliations

  • Hongxue Wang
    • 1
  • Vijay Varadharajan
    • 2
  • Yan Zhang
    • 2
  1. 1.Athabasca UniversityAthabascaCanada
  2. 2.University of Western Sydney NepeanKingswoodAustralia

Personalised recommendations