Formalizing GDOI group key management requirements in NPATRL

Although there is a substantial amount of work on formal requirements for two and three-party key distribution protocols, very little has been done on requirements for group protocols. However, since the latter have security requirements that can differ in important but subtle ways, we believe that a rigorous expression of these requirements can be useful in determining whether a given protocol can satisfy an application's needs. In this paper we make a first step in providing a formal understanding of security requirements for group key distribution by using the NPATRL language, a temporal requirement specification language for use with the NRL Protocol Analyzer. We specify the requirements for GDOI, a protocol being proposed as an IETF standard, which we are formally specifying and verifying in cooperation with the MSec working group.

[1]  Catherine A. Meadows,et al.  The NRL Protocol Analyzer: An Overview , 1996, J. Log. Program..

[2]  Brian Weis,et al.  Group Domain of Interpretation for ISAKMP , 2001 .

[3]  Catherine A. Meadows,et al.  A Formal Specification of Requirements for Payment Transactions in the SET Protocol , 1998, Financial Cryptography.

[4]  Catherine A. Meadows,et al.  A model of computation for the NRL Protocol Analyzer , 1994, Proceedings The Computer Security Foundations Workshop VII.

[5]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[6]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[7]  Gene Tsudik,et al.  Key Agreement in Dynamic Peer Groups , 2000, IEEE Trans. Parallel Distributed Syst..

[8]  Catherine A. Meadows,et al.  A Cost-Based Framework for Analysis of Denial of Service Networks , 2001, J. Comput. Secur..

[9]  Paul Syverson,et al.  A formal language for cryptographic protocol requirements , 1996 .

[10]  Max J. Cresswell,et al.  A New Introduction to Modal Logic , 1998 .

[11]  Naganand Doraswamy,et al.  Ipsec: the new security standard for the internet , 1999 .

[12]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[13]  Catherine A. Meadows,et al.  A logical language for specifying cryptographic protocol requirements , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[14]  Catherine A. Meadows,et al.  Formal Requirements for Key Distribution Protocols , 1994, EUROCRYPT.