
Data Access Specification and the Most Powerful Symbolic Attacker in MSR

  • Conference paper
Software Security — Theories and Systems (ISSS 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2609))


Abstract

Most systems designed for the symbolic verification of security protocols operate under the unproved assumption that an attack can only result from the combination of a fixed number of message transformations, which altogether constitute the capabilities of the so-called Dolev-Yao intruder. In this paper, we show that the Dolev-Yao intruder can indeed emulate the actions of an arbitrary symbolic adversary. In order to do so, we extend MSR, a flexible specification framework for security protocols based on typed multiset rewriting, with a static check, called data access specification, aimed at catching specification errors such as a principal trying to use a key that she is not entitled to access.

Partially supported by NRL under contract N00173-00-C-2086 and by NSF grant INT98-15731.




Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cervesato, I. (2003). Data Access Specification and the Most Powerful Symbolic Attacker in MSR. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_23


  • DOI: https://doi.org/10.1007/3-540-36532-X_23


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00708-1

  • Online ISBN: 978-3-540-36532-7

  • eBook Packages: Springer Book Archive
