Abstract
We propose a new method for the static analysis of entity authentication protocols. We develop our approach based on a dialect of the spi-calculus as the underlying formalism for expressing protocol narrations. Our analysis validates the honest protocol participants against static (hence decidable) conditions that provide formal guarantees of entity authentication. The main result is that the validation of each component is provably sound and fully compositional: if all the protocol participants are successfully validated, then the protocol as a whole guarantees entity authentication in the presence of Dolev-Yao intruders.
Work partially supported by MIUR project ‘Modelli formali per la sicurezza’ and EU Contract IST-2001-32617 ‘Models and Types for Security in Mobile Distributed Systems’ (MyThS).
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theor. Comput. Sci. 298(3), 387–415 (2003)
Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148(1), 1–70 (1999)
Abadi, M., Needham, R.: Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering 22(1), 6–15 (1996)
Blanchet, B., Podelski, A.: Verification of cryptographic protocols: Tagging enforces termination. In: Proceedings of Foundations of Software Science and Computation Structures, pp. 136–152 (2003)
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Riis Nielson, H.: Automatic validation of protocol narration. In: Proceedings of 16th IEEE Computer Security FoundationsWorkshop (CSFW 16), June 2003, pp. 126–140 (2003)
Boreale, M.: Symbolic trace analysis of cryptographic protocols. In: Orejas, F., Spirakis, P.G., van Leeuwen, J. (eds.) ICALP 2001. LNCS, vol. 2076, pp. 667–681. Springer, Heidelberg (2001)
Boreale, M., De Nicola, R., Pugliese, R.: Proof techniques for cryptographic processes. In: Logic in Computer Science, pp. 157–166 (1999)
Bugliesi, M., Focardi, R., Maffei, M.: Principles for entity authentication. In: Broy, M., Zamulin, A.V. (eds.) PSI 2003. LNCS, vol. 2890, pp. 294–306. Springer, Heidelberg (2004)
Burrows, M., Abadi, M., Needham, R.: A Logic of Authentication. Proceedings of the Royal Society of London 426(1871), 233–271 (1871)
Clark, J., Jacob, J.: A survey of authentication protocol literature: Version 1.0 (November 1997), http://www.cs.york.ac.uk/~jac/papers/drareview.ps.gz
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)
Durgin, N., Mitchell, J., Pavlovic, D.: A compositional logic for proving security properties of protocols. Journal of Computer Security 11 (2003)
Focardi, R., Gorrieri, R., Martinelli, F.: Non interference for the analysis of cryptographic protocols. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 354–372. Springer, Heidelberg (2000)
Gollmann, D.: What do we mean by Entity Authentication. In: Proceedings of the 1996 Symposium on Security and Privacy, pp. 46–54. IEEE Computer Society Press, Los Alamitos (1996)
Gong, L., Needham, R., Yahalom, R.: Reasoning About Belief in Cryptographic Protocols. In: Cooper, D., Lunt, T. (eds.) Proceedings 1990 IEEE Symposium on Research in Security and Privacy, pp. 234–248. IEEE Computer Society, Los Alamitos (1990)
Gordon, A., Jeffrey, A.: Authenticity by typing for security protocols. In: 14th IEEE Computer Security FoundationsWorkshop (CSFW-14), June 2001, pp. 145–159 (2001)
Gordon, A., Jeffrey, A.: Types and effects for asymmetric cryptographic protocols. In: 15th IEEE Computer Security Foundations Workshop—CSFW 2001, June 24-26, pp. 77–91. IEEE Computer Society Press, Los Alamitos (2001)
Guttman, J.: Security protocol design via authentication tests. In: 15th IEEE Computer Security Foundations Workshop—CSFW 2001, Cape Breton, Canada, June 24-26, pp. 92–103. IEEE Computer Society Press, Los Alamitos (2002)
Guttman, J.D., Javier Thayer, F.: Authentication tests and the structure of bundles. Theoretical Computer Science 283(2), 333–380 (2002)
Heather, J., Lowe, G., Schneider, S.: How to prevent type flaw attacks on security protocols. In: 13th IEEE Computer Security Foundations Workshop — CSFW 2000, Cambridge, UK, July 3-5, pp. 255–268. IEEE Computer Society Press, Los Alamitos (2000)
ISO/IEC. Entity Authentication Using Symmetric Techniques. Report ISO/IEC JTC1.27.02.2 (20.03.1.2) (June 1990)
Lowe, G.: A Hierarchy of Authentication Specification. In: Proceedings of the 10th Computer Security Foundation Workshop, pp. 31–44. IEEE Press, Los Alamitos (1997)
Meadows, C., Syverson, P.: Formal specification and analysis of the group domain of intrepretation protocol using npatrl and the nrl protocol analyzer (2003), To appear in Journal of Computer Security
Mitchell, J.C., Mitchell, M., Stern, U.: Automated analysis of cryptographic protocols using murφ. In: Proceedings of the 1997 IEEE Symposium on Research in Security and Privacy, pp. 141–153. IEEE Computer Society Press, Los Alamitos (1997)
Needham, R.M., Schroeder, M.D.: Authentication revisited. ACM SIGOPS Operating Systems Review 21(1), 7 (1987)
Paulson, L.C.: Relations between secrets: Two formal analyses of the yahalom protocol. Journal of Computer Security 9(3), 197–216 (2001)
Thayer, J., Herzog, J., Guttman, J.: Strand spaces: Proving security protocols correct. Journal of Computer Security, 15 (1999)
Woo, T.Y.C., Lam, S.S.: Authentication for distributed systems. IEEE Computer 25(3), 39–51 (1992)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bugliesi, M., Focardi, R., Maffei, M. (2004). Compositional Analysis of Authentication Protocols. In: Schmidt, D. (eds) Programming Languages and Systems. ESOP 2004. Lecture Notes in Computer Science, vol 2986. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24725-8_11
Download citation
DOI: https://doi.org/10.1007/978-3-540-24725-8_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21313-0
Online ISBN: 978-3-540-24725-8
eBook Packages: Springer Book Archive