Analysis of Authentication Protocols in Agent-Based Systems Using Labeled Tableaux

The study of multiagent systems (MASs) focuses on systems in which many intelligent agents interact with each other using communication protocols. For example, an authentication protocol is used to verify and authorize agents acting on behalf of users to protect restricted data and information. After authentication, two agents should be entitled to believe that they are communicating with each other and not with intruders. For specifying and reasoning about the security properties of authentication protocols, many researchers have proposed the use of belief logics. Since authentication protocols are designed to operate in dynamic environments, it is important to model the evolution of authentication systems through time in a systematic way. We advocate the systematic combinations of logics of beliefs and time for modeling and reasoning about evolving agent beliefs in MASs. In particular, we use a temporal belief logic called TML+ for establishing trust theories for authentication systems and also propose a labeled tableau system for this logic. To illustrate the capabilities of TML+, we present trust theories for several well-known authentication protocols, namely, the Lowe modified wide-mouthed frog protocol, the amended Needham-Schroeder symmetric key protocol, and Kerberos. We also show how to verify certain security properties of those protocols. With the logic TML+ and its associated modal tableaux, we are able to reason about and verify authentication systems operating in dynamic environments.

[1]  Max J. Cresswell,et al.  A New Introduction to Modal Logic , 1998 .

[2]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[3]  Jerome H. Saltzer,et al.  Kerberos authentication and authorization system , 1987 .

[4]  Louise E. Moser,et al.  A logic of knowledge and belief for reasoning about computer security , 1989, Proceedings of the Computer Security Foundations Workshop II,.

[5]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[6]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[7]  Martín Abadi,et al.  A semantics for a logic of authentication (extended abstract) , 1991, PODC '91.

[8]  Dov M. Gabbay,et al.  Adding a temporal dimension to a logic system , 1992, J. Log. Lang. Inf..

[9]  Dennis Longley,et al.  An automatic search for security flaws in key management schemes , 1992, Comput. Secur..

[10]  Paul C. van Oorschot,et al.  Extending cryptographic logics of belief to key agreement protocols , 1993, CCS '93.

[11]  Thomas Beth,et al.  Trust relationships in secure systems-a distributed authentication perspective , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Guido Governatori Labelled Tableaux for Multi-Modal Logics , 1995, TABLEAUX.

[13]  Ross J. Anderson,et al.  Programming Satan's Computer , 1995, Computer Science Today.

[14]  P. Syverson,et al.  A Unified Cryptographic Protocol Logic , 1996 .

[15]  Vishwani D. Agrawal,et al.  Synthesis of self-testing finite state machines from high-level specification , 1996, Proceedings International Test Conference 1996. Test and Design Validity.

[16]  Volker Kessler,et al.  Formal Semantics for Authentication Logics , 1996, ESORICS.

[17]  Mehmet A. Orgun,et al.  Executing specifications of distributed computations with Chronolog(MC) , 1996, SAC '96.

[18]  Rajashekar Kailar Accountability in Electronic Commerce Protocols , 1996, IEEE Trans. Software Eng..

[19]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[20]  Gavin Lowe A Family of Attacks upon Authentication Protocols , 1997 .

[21]  Heike Neumann,et al.  A Sound Logic for Analysing Electronic Commerce Protocols , 1998, ESORICS.

[22]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[23]  Wolfgang May A Tableau Calculus for a Temporal Logic with Temporal Connectives , 1999, TABLEAUX.

[24]  Peter Y. A. Ryan,et al.  The modelling and analysis of security protocols: the csp approach , 2000 .

[25]  Amílcar Sernadas Fibring Logics, Dov M. Gabbay , 2000, J. Log. Lang. Inf..

[26]  Babak Sadighi Firozabadi,et al.  On the characterisation of a trusting agent - aspects of a formal approach , 2001 .

[27]  Chuchang Liu Logical Foundations for Reasoning about Trust in Secure Digital Communication , 2001, Australian Joint Conference on Artificial Intelligence.

[28]  Michael Goldsmith,et al.  Modelling and analysis of security protocols , 2001 .

[29]  Dawn Xiaodong Song,et al.  Athena: A Novel Approach to Efficient Automatic Security Protocol Analysis , 2001, J. Comput. Secur..

[30]  Chuchang Liu,et al.  Trust in Secure Communication Systems - The Concept, Representations, and Reasoning Techniques , 2002, Australian Joint Conference on Artificial Intelligence.

[31]  Corrado Priami,et al.  Primitives for authentication in process algebras , 2002, Theor. Comput. Sci..

[32]  Mingui Sun,et al.  Event-related potential noise reduction using the hidden Markov tree model , 2003, Fourth International Symposium on Uncertainty Modeling and Analysis, 2003. ISUMA 2003..

[33]  Sebastian Mödersheim,et al.  OFMC: A symbolic model checker for security protocols , 2005, International Journal of Information Security.

[34]  Mehmet A. Orgun,et al.  A Temporalised Belief Logic for Specifying the Dynamics of Trust for Multi-agent Systems , 2004, ASIAN.

[35]  Khaled Ghédira,et al.  Reachability search in timed Petri nets using constraint programming , 2004, 2004 IEEE International Conference on Systems, Man and Cybernetics (IEEE Cat. No.04CH37583).

[36]  Manu De Backer,et al.  On the Verification of Web Services Compatibility: A Petri Net Approach , 2004, OTM Workshops.

[37]  Clare Dixon,et al.  Using temporal logics of knowledge in the formal verification of security protocols , 2004, Proceedings. 11th International Symposium on Temporal Representation and Reasoning, 2004. TIME 2004..

[38]  Jonathan K. Millen,et al.  Three systems for cryptographic protocol analysis , 1994, Journal of Cryptology.

[39]  Yih-Kai Lin Fair control of Petri nets , 2004, 2004 IEEE International Conference on Systems, Man and Cybernetics (IEEE Cat. No.04CH37583).

[40]  S. T. Sarasamma,et al.  Hierarchical Kohonenen net for anomaly detection in network security , 2005, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[41]  M. de Rijke,et al.  Model Checking for Combined Logics with an Application to Mobile Systems , 2004, Automated Software Engineering.

[42]  Monica Nesi,et al.  Formalizing and Analyzing the Needham-Schroeder Symmetric-Key Protocol by Rewriting , 2005, ARSPA@ICALP.

[43]  Ji Ma,et al.  IEEE TRANSACTIONS ON SYSTEMS , MAN , AND CYBERNETICS — PART A : SYSTEMS AND HUMANS , 2006 .

[44]  Torben Braüner,et al.  First-order modal logic , 2007, Handbook of Modal Logic.

[45]  Ji Ma,et al.  Specifying Agent Beliefs for Authentication Systems , 2007, Fourth European Conference on Universal Multiservice Networks (ECUMN'07).

[46]  Mehmet A. Orgun,et al.  Modal tableaux for verifying stream authentication protocols , 2007, Autonomous Agents and Multi-Agent Systems.

[47]  Ji Ma,et al.  Formalising theories of trust for authentication protocols , 2008, Inf. Syst. Frontiers.

[48]  Yingxu Wang,et al.  A Cognitive Informatics Reference Model of Autonomous Agent Systems (AAS) , 2009, Int. J. Cogn. Informatics Nat. Intell..

[49]  C. Caleiro,et al.  Fibring Logics∗ , 2009 .