Skip to main content
SpringerLink
Log in

From Secrecy to Authenticity in Security Protocols

  • Conference paper
  • First Online:
Static Analysis (SAS 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2477))

Included in the following conference series:

Abstract

We present a new technique for verifying authenticity in cryptographic protocols. This technique is fully automatic, it can handle an unbounded number of sessions of the protocol, and it is efficient in practice. It significantly extends a previous technique for the verification of secrecy. The protocol is represented in an extension of the pi calculus with fairly arbitrary cryptographic primitives. This protocol representation includes the authentication specification to be verified, but no other annotation. Our technique has been proved correct, implemented, and tested on various protocols from the literature. The experimental results show that we can verify these protocols in less than 1 s.

This work was supported in part by the RTD project IST-1999-20527 DAEDALUS of the european IST FP5 programme.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. M. Abadi and B. Blanchet. Analyzing Security Protocols with Secrecy Types and Logic Programs. In 29th Annual ACM Symposium on Principles of Programming Languages (POPL 2002), pages 33–44, Portland, Oregon, Jan. 2002. ACM Press.

    Google Scholar 

  2. M. Abadi and C. Fournet. Mobile Values, New Names, and Secure Communication. In 28th Annual ACM Symposium on Principles of Programming Languages (POPL’01), pages 104–115, London, United Kingdom, Jan. 2001. ACM Press.

    Google Scholar 

  3. M. Abadi and R. Needham. Prudent engineering practice for cryptographic protocols. I EEE Transactions on Software Engineering, 22(1):6–15, Jan. 1996.

    Google Scholar 

  4. R. Amadio and S. Prasad. The game of the name in cryptographic tables. In P. S. Thiagarajan and R. Yap, editors, Advances in Computing Science-ASIAN’99, volume 1742 of LNCS, pages 15–27, Phuket, Thailand, Dec. 1999. Springer Verlag.

    Chapter  Google Scholar 

  5. R. Anderson and R. Needham. Programming Satan’s Computer. In J. van Leeuven, editor, Computer Science Today: Recent Trends and Developments, volume 1000 of LNCS, pages 426–440. Springer Verlag, 1995.

    Google Scholar 

  6. B. Blanchet. An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In 14th IEEE Computer Security Foundations Workshop (CSFW-14), pages 82–96, Cape Breton, Nova Scotia, Canada, June 2001. IEEE Computer Society. Extended version available at http://www.di.ens.fr~blanchet/longcsfw14.ps.gz.

  7. P. Broadfoot, G. Lowe, and B. Roscoe. Automating Data Independence. In 6th European Symposium on Research in Computer Security (ESORICS 2000), volume 1895 of LNCS, pages 175–190, Toulouse, France, Oct. 2000. Springer Verlag.

    Google Scholar 

  8. P. J. Broadfoot and A. W. Roscoe. Internalising agents in CSP protocol models. In Workshop on Issues in the Theory of Security (WITS’02), Portland, Oregon, Jan. 2002.

    Google Scholar 

  9. M. Burrows, M. Abadi, and R. Needham. A Logic of Authentication. Proceedings of the Royal Society of London A, 426:233–271, 1989.

    Article  MATH  MathSciNet  Google Scholar 

  10. J. Clark and J. Jacob. A Survey of Authentication Protocol Literature: Version1.0. Technical report, University of York, Department of Computer Science, Nov. 1997.

    Google Scholar 

  11. E. Cohen. TAPS: A First-Order Verifier for Cryptographic Protocols. In 13th IEEE Computer Security Foundations Workshop (CSFW-13), pages 144–158, Cambridge, England, July 2000.

    Google Scholar 

  12. V. Cortier, J. Millen, and H. Rueβ. Proving secrecy is easy enough. In 14th IEEE Computer Security Foundations Workshop (CSFW-14), pages 97–108, Cape Breton, Nova Scotia, Canada, June 2001. IEEE Computer Society.

    Google Scholar 

  13. M. Debbabi, M. Mejri, N. Tawbi, and I. Yahmadi. A New Algorithm for the Automatic Verification of Authentication Protocols: From Specifications to Flaws and Attack Scenarios. In DIM ACS Workshop on Design and Formal Verification of Security Protocols, Rutgers University, New Jersey, Sept. 1997.

    Google Scholar 

  14. A. Gordon and A. Jeffrey. Authenticity by Typing for Security Protocols. In 14th IEEE Computer Security Foundations Workshop (CSFW-14), pages 145–159, Cape Breton, Nova Scotia, Canada, June 2001. IEEE Computer Society.

    Google Scholar 

  15. A. Gordon and A. Jeffrey. Types and Effects for Asymmetric Cryptographic Protocols. In 15th IEEE Computer Security Foundations Workshop (CSFW-15), Cape Breton, Nova Scotia, Canada, June 2002. IEEE Computer Society.

    Google Scholar 

  16. J. Heather and S. Schneider. Towards automatic verification of authentication protocols on an unbounded network. In 13th IEEE Computer Security Foundations Workshop (CSFW-13), pages 132–143, Cambridge, England, July 2000.

    Google Scholar 

  17. H. Krawczyk. SKEME: A Versatile Secure Key Exchange Mechanism for Internet. In Proceedings of the Internet Society Symposium on Network and Distributed Systems Security, Feb. 1996.

    Google Scholar 

  18. G. Lowe. Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR. In Tools and Algorithms for the Construction and Analysis of Systems, volume 1055 of LNCS, pages 147–166. Springer Verlag, 1996.

    Google Scholar 

  19. G. Lowe. A Hierarchy of Authentication Specifications. In Proceedings of the 10th Computer Security Foundations Workshop (CSFW’ 97), Rockport, Massachusetts, June 1997. IEEE Computer Society.

    Google Scholar 

  20. R. M. Needham and M. D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Commun. ACM, 21(12):993–999, Dec. 1978.

    Google Scholar 

  21. D. Otway and O. Rees. Efficient and Timely Mutual Authentication. Operating Systems Review, 21(1):8–10, 1987.

    Article  Google Scholar 

  22. L. C. Paulson. The Inductive Approach to Verifying Cryptographic Protocols. Journal of Computer Security, 6(1–2):85–128, 1998.

    Google Scholar 

  23. A. W. Roscoe and P. J. Broadfoot. Proving Security Protocols with Model Checkers by Data Independence Techniques. Journal of Computer Security, 7(2, 3):147–190, 1999.

    Google Scholar 

  24. D. X. Song. Athena: a New Efficient Automatic Checker for Security Protocol Analysis. In 12th IEEE Computer Security Foundation Workshop (CSFW-12), Mordano, Italy, June 1999.

    Google Scholar 

  25. C. Weidenbach. Towards an Automatic Analysis of Security Protocols in First-Order Logic. In H. Ganzinger, editor, 16th International Conference on Automated Deduction (CADE-16), volume 1632 of Lecture Notes in Artificial Intelligence, pages 314–328, Trento, Italy, July 1999. Springer Verlag.

    Google Scholar 

  26. T. Y. C. Woo and S. S. Lam. Authentication for distributed systems. Computer, 25(1):39–52, Jan. 1992.

    Google Scholar 

  27. T. Y. C. Woo and S. S. Lam. A Semantic Model for Authentication Protocols. In Proceedings IEEE Symposium on Research in Security and Privacy, pages 178–194, Oakland, California, May 1993.

    Google Scholar 

  28. T. Y. C. Woo and S. S. Lam. Authentication for distributed systems. In D. Denning and P. Denning, editors, Internet Besieged: Countering Cyberspace Scofflaws. ACM Press and Addison-Wesley, Oct. 1997.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Département d’Informatique, École Normale Supérieure, Paris

    Bruno Blanchet

  2. Max-Planck-Institut für Informatik, Germany

    Bruno Blanchet

Authors
  1. Bruno Blanchet
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science Facultad de Informática, Technical University of Madrid, Campus de Montegancedo, 28660, Boadilla del Monte, Madrid, Spain

    Manuel V. Hermenegildo  & Germán Puebla  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Blanchet, B. (2002). From Secrecy to Authenticity in Security Protocols. In: Hermenegildo, M.V., Puebla, G. (eds) Static Analysis. SAS 2002. Lecture Notes in Computer Science, vol 2477. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45789-5_25

Download citation

  • DOI: https://doi.org/10.1007/3-540-45789-5_25

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44235-6

  • Online ISBN: 978-3-540-45789-3

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation