The Wolf Within

A formal specification of a security protocol cannot be limited to listing the messages exchanged. In MSR, each construct is associated with typing and data access specification (DAS) rules, which describe the circumstances under which a principal can access keys and other information. A protocol specification is completed with a description of the intruder in the style of Dolev and Yao, the wolf in the protocol world. In this paper, we show that the protocol determines the intruder: the wolf is deep within. More precisely, we show that the Dolev-Yao intruder rules can be automatically reconstructed from the DAS rules, and that the DAS rules can themselves be inferred from annotated typing declarations for the various message constructors.
