Case Studies in the Specification and Analysis of Protocols in Maude

Abstract We follow the method for the specification and analysis of protocols introduced in [3], further exploiting the capabilities of Maude. Our specifications are highly structured and allow the detection of type flaws, as well as replay attacks. We describe a variation of the search strategy introduced in [3] that supports two kinds of optimizations in a simple and modular way.

[1]  Simon S. Lam,et al.  A lesson on authentication protocol design , 1994, OPSR.

[2]  Gul Agha,et al.  Research directions in concurrent object-oriented programming , 1993 .

[3]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[4]  José Meseguer,et al.  A logical theory of concurrent objects and its realization in the Maude language , 1993 .

[5]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[6]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[7]  Gavin Lowe,et al.  An Attack on the Needham-Schroeder Public-Key Authentication Protocol , 1995, Inf. Process. Lett..

[8]  Gavin Lowe,et al.  Casper: a compiler for the analysis of security protocols , 1997, Proceedings 10th Computer Security Foundations Workshop.

[9]  Gavin Lowe,et al.  Some new attacks upon security protocols , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.