Advertisement

An Extension of Formal Analysis Method with Reasoning for Anonymity

  • Yating Wang
  • Yuichi GotoEmail author
Conference paper
  • 251 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 12034)

Abstract

Formal analysis method with reasoning has been proposed as an alternative formal analysis method for cryptographic protocols. In the method, at first, analysts formalize the participant’s and attacker’s behaviors in order to carry out forward reasoning, then analysts check whether the logic formulas that represents security flaws of the target protocol exist or not in deduced logical formulas. However, the current method can deal with security flaws related to authentication, confidentiality, fairness, and non-repudiation, but not anonymity. This paper proposes an extension of formal analysis method with reasoning for dealing with security flaws related to anonymity. The paper also gives a case study with the proposed method in the Bolignano protocol. The result shows that the extension method is useful to detect security flaws related to anonymity.

Keywords

Formal analysis method with reasoning Cryptographic protocols Anonymity 

References

  1. 1.
    Avalle, M., Alfredo, P., Bogdan, W.: Formal verification of security protocol implementations: a survey. Formal Aspects Comput. 26(1), 99–123 (2014)CrossRefGoogle Scholar
  2. 2.
    Bolignano, D.: Towards the formal verification of electronic commerce protocols. In: The 10th IEEE Computer Security Foundation Workshop, Rockport, USA, pp. 133–146 (1997)Google Scholar
  3. 3.
    Bau, J., Mitchell, J.C.: Security modeling and analysis. IEEE Secur. Priv. 9(3), 18–25 (2011)CrossRefGoogle Scholar
  4. 4.
    Cheng, J., Miura, J.: Deontic relevant logic as the logical basis for specifying, verifying, and reasoning about information security and information assurance. In: The 1st International Conference on Availability, Reliability and Security (ARES 2006), pp. 601–608. IEEE Computer Society, Vienna (2006)Google Scholar
  5. 5.
    Cheng, J., Nara, S., Goto, Y.: FreeEnCal: a forward reasoning engine with general-purpose. In: Apolloni, B., Howlett, R.J., Jain, L. (eds.) KES 2007. LNCS (LNAI), vol. 4693, pp. 444–452. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74827-4_56CrossRefGoogle Scholar
  6. 6.
    Cortier, V., Kremer, S., Warinschi, B.: A survey of symbolic methods in computational analysis of cryptographic systems. J. Autom. Reason. 46(3–4), 225–259 (2011) MathSciNetCrossRefGoogle Scholar
  7. 7.
    Dreier, J., Kassem, A., Lafourcade, P.: Formal analysis of e-cash protocols. In: The 12th International Conference on Security and Cryptography (SECRYPT 2015), Colmar, France, pp. 65–75 (2015)Google Scholar
  8. 8.
    Jiang, Y., Gong, H.: Modeling and formal analysis of communication protocols based on game. In: 2010 International Conference on Computer Application and System Modeling (ICCASM 2010), vol. 12, no. 3, pp. 470–473 (2013)CrossRefGoogle Scholar
  9. 9.
    Javan, S., Bafghi, A.: An anonymous mobile payment protocol based on SWPP. Electron. Commer. Res. 14(4), 635–660 (2014)CrossRefGoogle Scholar
  10. 10.
    Meadows, C.A., Meadows, C.A.: Formal verification of cryptographic protocols: a survey. In: Pieprzyk, J., Safavi-Naini, R. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 133–150. Springer, Heidelberg (1995).  https://doi.org/10.1007/BFb0000430CrossRefGoogle Scholar
  11. 11.
    Meadows, C.: Formal methods for cryptographic protocol analysis: emerging issues and trends. IEEE J. Sel. Areas Commun. 21(1), 44–54 (2003)CrossRefGoogle Scholar
  12. 12.
    Pfitzmann, A., Waidner, M.: Networks without user observability. Comput. Secur. 6(2), 158–166 (1987)CrossRefGoogle Scholar
  13. 13.
    Polychronis, A.: Fair exchange protocols with anonymity and nonrepudiation for payments. Technical Report RHULMA20132, University of London, Royal Holloway (2013)Google Scholar
  14. 14.
    Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C. Wiley, Hoboken (1996)zbMATHGoogle Scholar
  15. 15.
    Tellez, J., Zeadally, S.: An anonymous secure payment protocol in a payment gateway centric model. In: The 9th International Conference on Mobile Web Information Systems (MobiWIS 2012), Niagara Falls, Ontario, Canada, vol. 10, pp. 758–765 (2012)Google Scholar
  16. 16.
    Walker, J., Li, J.: Key exchange with anonymous authentication using DAA-SIGMA protocol. In: Chen, L., Yung, M. (eds.) INTRUST 2010. LNCS, vol. 6802, pp. 108–127. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-25283-9_8CrossRefGoogle Scholar
  17. 17.
    Wen, J., Zhao, L., Jiang, H.: Formal analysis of electronic payment protocols based on game theory. In: 2010 International Conference on Computer Application and System Modeling (ICCASM 2010), Taiyuan, China, vol. 6, pp. 319–323 (2010)Google Scholar
  18. 18.
    Wagatsuma, K., Goto, Y., Cheng, J.: A formal analysis method with reasoning for key exchange protocols. IPSJ J. 56(3), 903–910 (2015). (in Japanese)Google Scholar
  19. 19.
    Wang, C., Shu, N., Wang, H.: Formal analysis of a model for electronic payment systems. In: International Conference on Communication and Electronic Information Engineering (CEIE 2016), vol. 116, pp. 613–620 (2016)Google Scholar
  20. 20.
    Yan, J., Wagatsuma, K., Gao, H., Cheng, J.: A formal analysis method with reasoning for cryptographic protocols. In: 12th International Conference on Computational Intelligence and Security, pp. 566–570. IEEE Computer Society, Wuxi (2016)Google Scholar
  21. 21.
    Yan, J., Ishibashi, S., Goto, Y., Cheng, J.: A study on fine-grained security properties of cryptographic protocols for formal analysis method with reasoning. In: 2018 IEEE SmartWorld, Ubiquitous Intelligence, Computing, Advanced, Trusted Computing, Scalable Computing, Communications, Cloud, Big Data Computing, Internet of People and Smart City Innovations, pp. 210–215. IEEE-CS, Guangzhou (2018)Google Scholar
  22. 22.
    Yan, J., Wang, Y., Goto, Y., Cheng, J.: An extension of formal analysis method with reasoning: a case study of flaw detection for non-repudiation and fairness. In: Carlet, C., Guilley, S., Nitaj, A., Souidi, E.M. (eds.) C2SI 2019. LNCS, vol. 11445, pp. 399–408. Springer, Cham (2019).  https://doi.org/10.1007/978-3-030-16458-4_23CrossRefGoogle Scholar
  23. 23.
    Zhang, J.: Research on secure e-payment protocols. In: 2011 International Conference on Information Management, Innovation Management and Industrial Engineering, Shenzhen, China, pp. 121–123 (2011)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of Information and Computer SciencesSaitama UniversitySaitamaJapan

Personalised recommendations