Abstract
Most systems designed for the symbolic verification of security protocols operate under the unproved assumption that an attack can only result from the combination of a fixed number of message transformations, which altogether constitute the capabilities of the so-called Dolev-Yao intruder. In this paper, we show that the Dolev-Yao intruder can indeed emulate the actions of an arbitrary symbolic adversary. To do so, we extend MSR, a flexible specification framework for security protocols based on typed multiset rewriting, with a static check called data access specification, which is aimed at catching specification errors such as a principal trying to use a key that she is not entitled to access.
Partially supported by NRL under contract N00173-00-C-2086 and by NSF grant INT98-15731.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cervesato, I. (2003). Data Access Specification and the Most Powerful Symbolic Attacker in MSR. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_23
DOI: https://doi.org/10.1007/3-540-36532-X_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00708-1
Online ISBN: 978-3-540-36532-7
eBook Packages: Springer Book Archive