Formal Verification of Cardholder Registration in SET

The first phase of the SET protocol, namely Cardholder Registration, has been modelled inductively. This phase is presented in outline and its formal model is described. A number of basic lemmas have been proved about the protocol using Isabelle/HOL, along with a theorem stating that a certification authority will certify a given key at most once. Many ambiguities, contradictions and omissions were noted while formalizing the protocol.
