Advertisement

Classification of Security Properties

(Part II: Network Security)
  • Riccardo Focardi
  • Roberto Gorrieri
  • Fabio Martinelli
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2946)

Abstract

Many security properties of cryptographic protocols can be all formalized as specific instances of a general scheme, called Generalized Non Deducibility on Composition (GNDC). This scheme derives from the NDC property we proposed a few years ago for studying information flow in computer systems. The theory is formulated for CryptoSPA, a process algebra we introduced for the specification of cryptographic protocols. One of the advantages of our unifying GNDC-based theory is that that formal comparison among security properties become easier, being them all instances of a unique general property. Moreover, the full generality of the approach has helped us in finding a few undocumented attacks on cryptographic protocols.

This paper is based on the results of [20,22–25] and covers the second part of the course “Classification of Security Properties” given by Roberto Gorrieri and Riccardo Focardi at the FOSAD’00 and FOSAD’01 schools.

Keywords

Authentication Protocol Security Protocol Security Property Message Authentication Code Process Algebra 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abadi, M., Gordon, A.D.: Reasoning about cryptographic protocols in the spi calculus. In: Mazurkiewicz, A., Winkowski, J. (eds.) CONCUR 1997. LNCS, vol. 1243, pp. 59–73. Springer, Heidelberg (1997)Google Scholar
  2. 2.
    Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148(1), 1–70 (1999)zbMATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Aldini, A., Bravetti, M., Gorrieri, R.: A Process-algebraic Approach for the Analysis of Probabilistic Non-interference. Journal of Computer Security (2003) (to appear)Google Scholar
  4. 4.
    Aldini, A.: Probabilistic Information Flow in a Process Algebra. In: Larsen, K.G., Nielsen, M. (eds.) CONCUR 2001. LNCS, vol. 2154, pp. 152–168. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Bodei, C., Degano, P., Focardi, R., Priami, C.: Authentication via localized names. In: Proceedings of CSFW 1999, pp. 98–110. IEEE press, Los Alamitos (1999)Google Scholar
  6. 6.
    Bell, D.E., La Padula, L.J.: Secure Computer Systems: Unified Exposition and Multics Interpretation. ESD-TR-75-306, MITRE MTR-2997 (1976)Google Scholar
  7. 7.
    Bugliesi, M., Ceccato, A., Rossi, S.: Non-Interference Proof Techniques for the Analysis of Cryptographic Protocols. In: Proceedings of 2003 IFIP WG 1.7, ACM SIGPLAN and GI FoMSESS Workshop on Issues in the Theory of Security (WITS 2003), Warsaw, Poland, April 5-6 (2003)Google Scholar
  8. 8.
    Bugliesi, M., Ceccato, A., Rossi, S.: Context-Sensitive Equivalences for Non-Interference based Protocol Analysis. In: Lingas, A., Nilsson, B.J. (eds.) FCT 2003. LNCS, vol. 2751, pp. 364–375. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Burrows, M., Abadi, M., Needham, R.: A logic of authentication. Proceedings of the Royal Society of London,  426, 233–271 (1989)Google Scholar
  10. 10.
    Clark, J., Jacob, J.: A Survey of Authentication Protocol Literature: Version 1.0 (November 1997), http://www.cs.york.ac.uk/~jac/papers/drareview.ps.gz
  11. 11.
    De Nicola, R., Hennessy, M.: Testing equivalences for processes. Theoretical Computer Science 34, 83–133 (1984)zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Dolev, D., Yao, A.C.: On the Security of Public Key Protocols. IEEE Transactions on Information Theory 29(2) (1983)Google Scholar
  13. 13.
    Durante, A., Focardi, R., Gorrieri, R.: CVS: A compiler for the analysis of cryptographic protocols. In: Proceedings of CSFW 1999, pp. 203–212. IEEE Press, Los Alamitos (1999)Google Scholar
  14. 14.
    Durante, A., Focardi, R., Gorrieri, R.: CVS at Work: A Report on new Failures upon some Cryptographic Protocols. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds.) MMM-ACNS 2001. LNCS, vol. 2052, pp. 287–299. Springer, Heidelberg (2001)Google Scholar
  15. 15.
    Durante, A., Focardi, R., Gorrieri, R.: A compiler for analysing cryptographic protocols using non-interference. ACM Transactions on Software Engineering and Methodology (TOSEM) 9(4), 488–528 (2000)CrossRefGoogle Scholar
  16. 16.
    Focardi, R., Ghelli, A., Gorrieri, R.: Using non interference for the analysis of security protocols. In: Proceedings of DIMACS Workshop on Design and Formal Verification of Security Protocols (1997)Google Scholar
  17. 17.
    Focardi, R., Gorrieri, R.: A classification of security properties for process algebras. Journal of Computer Security 3(1), 5–33 (1994/1995)Google Scholar
  18. 18.
    Focardi, R., Gorrieri, R.: The compositional security checker: A tool for the verification of information flow security properties. IEEE Transactions on Software Engineering 23(9), 550–571 (1997)CrossRefGoogle Scholar
  19. 19.
    Focardi, R., Gorrieri, R.: Classification of Security Properties. Part I: Information Flow. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 331–396. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  20. 20.
    Focardi, R., Gorrieri, R., Martinelli, F.: A Comparison of Three Authentication Properties. Theoretical Computer Science 291(3), 285–327 (2003)zbMATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Focardi, R., Gorrieri, R., Martinelli, F.: Real-Time Information Flow Analysis. IEEE Journal on Selected Areas in Communications 21(1) (January 2003)Google Scholar
  22. 22.
    Focardi, R., Gorrieri, R., Martinelli, F.: Message authentication through noninterference. In: Rus, T. (ed.) AMAST 2000. LNCS, vol. 1816, pp. 258–272. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  23. 23.
    Focardi, R., Gorrieri, R., Martinelli, F.: Non interference for the analysis of cryptographic protocols. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 354–372. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  24. 24.
    Focardi, R., Gorrieri, R., Martinelli, F.: Secrecy in security protocols as noninterference. In: Workshop on secure architectures and information flow. ENTCS, vol. 32 (2000)Google Scholar
  25. 25.
    Focardi, R., Martinelli, F.: A uniform approach for the definition of security properties. In: Wing, J.M., Woodcock, J.C.P., Davies, J. (eds.) FM 1999. LNCS, vol. 1708, pp. 794–813. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  26. 26.
    Goguen, J.A., Meseguer, J.: Security policy and security models. In: Proceedings of the 1982 Symposium on Security and Privacy, pp. 11–20. IEEE Press, Los Alamitos (1982)Google Scholar
  27. 27.
    Gollman, D.: What do we mean by entity authentication? In: Proceedings of Symposium in Research in Security and Privacy, pp. 46–54. IEEE Press, Los Alamitos (1996)Google Scholar
  28. 28.
    Gollman, D.: On the verification of cryptographic protocols - a tale of two committees. In: Workshop on secure architectures and information flow. ENTCS, vol. 32 (2000)Google Scholar
  29. 29.
    Gorrieri, R., Locatelli, E., Martinelli, F.: A Simple Language for Real-Time Cryptographic Protocol Analysis. In: Degano, P. (ed.) ESOP 2003. LNCS, vol. 2618, pp. 114–128. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  30. 30.
    Gorrieri, R., Martinelli, F.: Process Algebraic Frameworks for the Specification and Analysis of Cryptographic Protocols. In: Rovan, B., Vojtáš, P. (eds.) MFCS 2003. LNCS, vol. 2747, pp. 46–67. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  31. 31.
    Hoare, C.A.R.: Communicating Sequential Processes. Prentice-Hall, Englewood Cliffs (1985)zbMATHGoogle Scholar
  32. 32.
    Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 146–166. Springer, Heidelberg (1996)Google Scholar
  33. 33.
    Lowe, G.: A hierarchy of authentication specification. In: Proceedings of the 10th Computer Security Foundation Workshop, pp. 31–43. IEEE press, Los Alamitos (1997)CrossRefGoogle Scholar
  34. 34.
    Marrero, W., Clarke, E., Jha, S.: A model checker for authentication protocols. In: Proceedings of DIMACS Workshop on Design and Formal Verification of Security Protocols, Rutgers University (September 1997)Google Scholar
  35. 35.
    Martinelli, F.: Analysis of security protocols as open systems. Theoretical Computer Science 290(1), 1057–1106 (2003)zbMATHCrossRefMathSciNetGoogle Scholar
  36. 36.
    Martinelli, F.: Languages for description and analysis of authentication protocols. In: Proceedings of ICTCS 1998, pp. 304–315. World Scientific, Singapore (1998)Google Scholar
  37. 37.
    Martinelli, F.: Partial model checking and theorem proving for ensuring security properties. In: Proceedings of CSFW 1998, pp. 44–52. IEEE press, Los Alamitos (1998)Google Scholar
  38. 38.
    Milner, R.: Communication and Concurrency. Prentice-Hall, Englewood Cliffs (1989)zbMATHGoogle Scholar
  39. 39.
    Ryan, P.Y.A., Schneider, S.: Process algebra and non-interference. In: Proceedings of CSFW 1999, pp. 214–227. IEEE Press, Los Alamitos (1999)Google Scholar
  40. 40.
    Sangiorgi, D.: Expressing Mobility in Process Algebra: First-Order and Higher-Order Paradigms. PhD thesis, University of Edinburgh (1992)Google Scholar
  41. 41.
    Schneider, S.: Formal analysis of a non-repudiation protocol. In: Proceedings of CSFW 1998, pp. 54–65. IEEE Press, Los Alamitos (1998)Google Scholar
  42. 42.
    Schneider, S.: Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering 24(9) (September 1998)Google Scholar
  43. 43.
    Ryan, P., Schneider, S., Goldsmith, M., Lowe, G., Roscoe, B.: The Modelling and Analysis of Security Protocols: the CSP Approach. Addison-Wesley, Reading (2001)Google Scholar
  44. 44.
    Wittbold, J.T., Johnson, D.M.: Information flow in nondeterministic systems. In: Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pp. 144–161. IEEE Computer Society Press, Los Alamitos (1990)CrossRefGoogle Scholar
  45. 45.
    Woo, T.Y.C., Lam, S.S.: A semantic model for authentication protocols. In: Proceedings of the 1993 IEEE Computer Society Symposium on Security and Privacy (SSP 1993), May 1993, pp. 178–195. IEEE Press, Los Alamitos (1993)CrossRefGoogle Scholar
  46. 46.
    Zhou, J., Gollmann, D.: A fair non-repudiation protocol. In: Proc. of Symposium in Research in Security and Privacy, pp. 55–61. IEEE Press, Los Alamitos (1996)Google Scholar
  47. 47.
    Zhou, J., Gollmann, D.: Towards verification of non-repudiation protocols. In: International Refinement Workshop and Formal Methods Pacific (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Riccardo Focardi
    • 1
  • Roberto Gorrieri
    • 2
  • Fabio Martinelli
    • 3
  1. 1.Dipartimento di InformaticaUniversità Ca’ Foscari di VeneziaItaly
  2. 2.Dipartimento di Scienze dell’InformazioneUniversità di BolognaItaly
  3. 3.Istituto di Informatica e TelematicaC.N.R.PisaItaly

Personalised recommendations