Programming Cryptographic Protocols

Cryptographic protocols are useful for trust engineering in distributed transactions. Transactions require specific degrees of confidentiality and agreement between the principals engaging in them. Moreover, trust management assertions may be attached to protocol actions, constraining the behavior of a principal to be compatible with its own trust policy. We embody these ideas in a cryptographic protocol programming language cppl at the Dolev-Yao level of abstraction. A strand space semantics for cppl shaped our compiler development, and allows a protocol designer to prove that a protocol is sound.
