Design and analysis of key exchange protocols via secure channel identification

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 917)


We suggest a new methodology for design and analysis of key exchange protocols. The basic idea is to establish the minimum cryptographic requirements in delivering a new session key, and to identify how these are achieved in the protocol under examination. The method is therefore limited to key exchange protocols and to establishing that the basic properties exist. The method is easy to carry out by hand (although some existing protocols may be difficult to handle). It allows existing protocols to be re-designed and new protocols designed in a flexible manner. A number of new protocols designed with the method are suggested.


Encryption Algorithm Message Authentication Code Secure Channel Generic Protocol Cryptographic Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M.Burrows, M.Abadi, and R.Needharn, A Logic of Authentication, Proceedings of the Royal Society, Vol A426,pp 233–271, 1989.Google Scholar
  2. 2.
    Colin Boyd, Security Architectures using Formal Methods, IEEE Journal on Selected Areas in Communications, June 1993, pp.694–701.Google Scholar
  3. 3.
    Colin Boyd and Wenbo Mao, On a Limitation of BAN logic, Advances in Cryptology — Eurocrypt 93, Springer-Verlag, 1994, pp.240–247.Google Scholar
  4. 4.
    Colin Boyd and Wenbo Mao, Designing Secure Key Exchange Protocols, Proceedings of ESORICS 94, Springer-Verlag, 1994, pp.93–105.Google Scholar
  5. 5.
    D.W.Davies and W.L.Price, Security for Computer Networks, John Wiley and Sons, 1989Google Scholar
  6. 6.
    D.E.Denning and G.M.Sacco, Timestamps in Key Distribution Protocols, Communications of the ACM, 24, 8, 1981, pp. 533–536.Google Scholar
  7. 7.
    Whitfield Diffie, Paul C. van Oorshot and Michael J. Wiener, Authentication and Authenticated Key Exchanges, Designs, Codes and Cryptography, 2, pp. 107–125, 1992.Google Scholar
  8. 8.
    W.Diffie and M.Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, IT-22, 6, November 1976, pp. 644–654.Google Scholar
  9. 9.
    R.Kemmerer, C.Meadows and J.Millen, Three Systems for Cryptographic Protocol Analysis, Journal of Cryptology, 7, 2, Spring 1994, pp. 79–130.Google Scholar
  10. 10.
    Wenbo Mao and Colin Boyd, Design of Authentication Protocols: Some Misconceptions and a New Approach, Proceedings of IEEE Computer Security Foundations Workshop VII, 1994.Google Scholar
  11. 11.
    R.M.Needham and M.D.Schroeder, Using Encryption for Authentication in Large Networks of Computers, Communications of the ACM, 21, 12, December 1978, pp. 993–999.Google Scholar
  12. 12.
    Dave Otway and Owen Rees, Efficient and Timely Mutual Authentication, ACM Operating Systems Review, 21, 1,pp. 8–10, 1987.Google Scholar
  13. 13.
    Paul C. van Oorschot, Extending Cryptographic Logics of Belief to Key Agreement Protocols, Proceeedings of the 1st ACM Conference on Communications and Computer Seurity, Faixfax Virginia, November 1993.Google Scholar
  14. 14.
    Darryl M. Stahl, Stafford E.Tavares and Henk Meijer, Backward State Analysis of Cryptographic Protocols Using Coloured Petri Nets, Workshop on Selected Areas in Cryptography, Canada, 1994.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  1. 1.Communications Research Group Electrical Engineering LaboratoriesUniversity of ManchesterManchesterUK

Personalised recommendations