A formal specification of requirements for payment transactions in the SET protocol

  • Catherine Meadows
  • Paul Syverson
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1465)

Abstract

Payment transactions in the SET (Secure Electronic Transaction) protocol are described. Requirements for SET are discussed and formally represented in a version of NPATRL (the NRL Protocol Analyzer Temporal Requirements Language). NPATRL is language for expressing generic requirements, heretofore applied to key distribution or key agreement protocols. Transaction vectors and other new constructs added to NPATRL for reasoning about SET payment transactions are described along with properties of their representation.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    M. Burrows, M. Abadi, and R. Needham, A Logic of Authentication, SRC Research Report 39, Digital Systems Research Center, February 1989.Google Scholar
  2. 2.
    D. Bolignano, “Towards the Formal Verification of Electronic Commerce Protocols”, Proceedings of the 10 th IEEE Computer Security Foundations Workshop, pp. 133–146, Rockport Massachusetts, IEEE CS Press, June 1997.Google Scholar
  3. 3.
    S. Brackin, “Automatic Formal Analyses of Two Large Commercial Protocols”, DIM ACS Workshop on Design and Formal Verification of Security Protocols, Rutgers New Jersey, September 1997. (Paper available at http://dimacs.rutgers.edu/Workshops/Security/program2/brackin.html)Google Scholar
  4. 4.
    L. Gong, R. Needham, and R. Yahalom, “Reasoning about Belief in Cryptographic Protocols”, Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 234–248, IEEE Computer Society Press, Oakland California, May 1990.Google Scholar
  5. 5.
    SET Secure Electronic Transaction Specification, Version 1.0, May 1997. (Downloaded from http://www.visa.com/set/)Google Scholar
  6. 6.
    P. Syverson and C. Meadows, “A Logical Language for Specifying Cryptographic Protocol Requirements”, Proceedings of the 1993 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 165–177, IEEE Computer Society Press, Oakland California, May 1993.Google Scholar
  7. 7.
    P. Syverson and C. Meadows, “Formal Requirements for Key Distribution Protocols”, Advances in Cryptology — EUROCRYPT '94, LNCS vol. 950, A. De Santis, ed., pp. 320–331, Springer-Verlag, Perugia Italy, 1994.Google Scholar
  8. 8.
    P. Syverson and C. Meadows, “A Formal Language for Cryptographic Protocol Requirements”, Designs, Codes, and Cryptography, vol. 7, nos. 1 and 2, pp. 27–59, January 1996.MATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag 1998

Authors and Affiliations

  • Catherine Meadows
    • 1
  • Paul Syverson
    • 1
  1. 1.Naval Research LaboratoryCenter for High Assurance Computer SystemsWashington DCUSA

Personalised recommendations