A comparison of three authentication properties

Authentication is a slippery security property that has been formally defined only recently; among the recent definitions, two rather interesting ones have been proposed for the spi-calculus by Abadi and Gordon (in: Proc. CONCUR'97, Lecture Notes in Computer Science, Vol. 1243, Springer, Berlin, 1997, pp. 59-73; Inform. and Comput. 148(1) (1999) 1-70) and for CSP by Lowe (in: Proc. 10th Computer Security Foundation Workshop, IEEE Press, 1997, pp. 31-43). On the other hand, in a recent paper (in: Proc. World Congr. on Formal Methods (FM'99), Lecture Notes in Computer Science, Vol. 1708, Springer, Berlin, 1999, pp. 794-813), we have proved that many existing security properties can be seen uniformly as specific instances of a general scheme based on the idea of non-interference. The purpose of this paper is to show that, under reasonable assumptions, spi-authentication can be recast in this general framework as well, by showing that it is equivalent to the non-interference property called NDC of Focardi and Gorrieri (J. Comput. Security 3(1) (1994/1995) 5-33; IEEE Trans. Software Eng. 23(9) (199) 550-571). This allows for the comparison between such a property and the one based on CSP, which was already recast under the general scheme of Focardi and Martinelli (1999).
