Abstract
Formal analysis is used to find out flaws of cryptographic protocols. A formal analysis method with reasoning for cryptographic protocols has been proposed. In the method, behaviors of participants and behaviors of an intruder are used as premises of forward reasoning to deduce formulas, then analysts check whether the deduced formulas are related to flaws. However, the method only can detect the flaws related to confidentiality and authentication but is unable to detect the flaws related to non-repudiation and fairness. This paper proposes an extension of the formal analysis method with reasoning, which can deal with the flaws related to non-repudiation and fairness. This paper also shows a case study of flaw detection for non-repudiation and fairness in ISI protocol with the proposed method. The result shows that the proposed method is effective to find out flaws that related to the two security properties above.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Asokan, N.: Fairness in electronic commerce. Ph.D. thesis, Department of Mathematics, University of Waterloo, Canada (1998)
Avalle, M., Alfredo, P., Bogdan, W.: Formal verification of security protocol implementations: a survey. Formal Aspects Comput. 26(1), 99–123 (2014)
Bau, J., Mitchell, J.C.: Security modeling and analysis. IEEE Secur. Priv. 9(3), 18–25 (2011)
Butterfield, A., Ngondi, G.: Oxford Dictionary of Computer Science. Oxford University Press, Oxford (2016)
Cheng, J.: A strong relevant logic model of epistemic processes in scientific discovery. In: Information Modelling and Knowledge Bases XI, Frontiers in Artificial Intelligence and Applications, vol. 61, pp. 136–159 (2000)
Cheng, J., Miura, J.: Deontic relevant logic as the logical basis for specifying, verifying, and reasoning about information security and information assurance. In: 1st International Conference on Availability, Reliability and Security, pp. 601–608. IEEE Computer Society, Vienna, Austria (2006)
Cheng, J., Nara, S., Goto, Y.: FreeEnCal: a forward reasoning engine with general-purpose. In: Apolloni, B., Howlett, R.J., Jain, L. (eds.) KES 2007. LNCS (LNAI), vol. 4693, pp. 444–452. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74827-4_56
Clarke Jr., E.M., Grumberg, O., Peled, D.: Model Checking. MIT Press, Cambridge (1999)
Cortier, V., Kremer, S., Warinschi, B.: A survey of symbolic methods in computational analysis of cryptographic systems. J. Autom. Reasoning 46(3–4), 225–259 (2011)
Dolev, D., Andrew, C.Y.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
Hauser, R., Steiner, M., Waidner, M.: Micro-payments based on IKP. IBM Zurich Research Laboratory, IBM Research Division Report RZ279, Zurich, Switzerland (1996)
International Organization for Standardization: ISO/IEC 13888–3: Information security techniques - non-repudiation - Part: Mechanisms using asymmetric techniques (1997)
International Organization for Standardization: ISO/IEC 13888–2: Information security techniques - non-repudiation - Part: Mechanisms using symmetric techniques (1998)
International Organization for Standardization: ISO/IEC 29128: Information technology - Security techniques - Verification of cryptographic protocols (2011)
Kremera, S., Markowitcha, O., Zhoub, J.: An intensive survey of fair non-repudiation protocols. Comput. Commun. 25(17), 1606–1621 (2002)
Liu, Y., Zhang, H.: Stand spaces analysis of electronic commerce protocols. Comput. Sci. 35(2), 109–114 (2008)
Medvinsky, G., Neuman, C.: NetCash: a design of practical electronic currency on the internet. In: 1st ACM Conference on Computer and Communications Security, Fairfax, Virginia, USA, pp. 102–106 (1993)
Meadows, C.A., Meadows, C.A.: Formal verification of cryptographic protocols: a survey. In: Pieprzyk, J., Safavi-Naini, R. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 133–150. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0000430
Meadows, C.: Formal methods for cryptographic protocol analysis: emerging issues and trends. IEEE J. Sel. Areas Commun. 21(1), 44–54 (2003)
Markowitch, O., Gollmann, D., Kremer, S.: On fairness in exchange protocols. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 451–465. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36552-4_31
Paulson, L.C.: The inductive approach to verifying cryptographic protocols. J. Comput. Secur. 6(1), 85–128 (1998)
Roe, M.: Cryptography and evidence. Ph.D. thesis, Computer Laboratory, University of Cambridge (1997)
Zhou, J., Gollmann, D.: Evidence and non-repudiation. J. Network Comput. Appl. 20(30), 267–281 (1997)
Wagatsuma, K., Goto, Y., Cheng, J.: A formal analysis method with reasoning for key exchange protocols. IPSJ J. 56(3), 903–910 (2015). (in Japanese)
Yan, J., Wagatsuma, K., Gao, H., Cheng, J.: A formal analysis method with reasoning for cryptographic protocols. In: 12th International Conference on Computational Intelligence and Security, pp. 566–570. IEEE Computer Society, Wuxi (2016)
Yan, J., Ishibashi, S., Goto, Y., Cheng, J.: A study on fine-grained security properties of cryptographic protocols for formal analysis method with reasoning. In: 2018 IEEE SmartWorld, Ubiquitous Intelligence, Computing, Advanced, Trusted Computing, Scalable Computing, Communications, Cloud, Big Data Computing, Internet of People and Smart City Innovations, pp. 210–215. IEEE-CS, Guangzhou (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Yan, J., Wang, Y., Goto, Y., Cheng, J. (2019). An Extension of Formal Analysis Method with Reasoning: A Case Study of Flaw Detection for Non-repudiation and Fairness. In: Carlet, C., Guilley, S., Nitaj, A., Souidi, E. (eds) Codes, Cryptology and Information Security. C2SI 2019. Lecture Notes in Computer Science(), vol 11445. Springer, Cham. https://doi.org/10.1007/978-3-030-16458-4_23
Download citation
DOI: https://doi.org/10.1007/978-3-030-16458-4_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16457-7
Online ISBN: 978-3-030-16458-4
eBook Packages: Computer ScienceComputer Science (R0)