Attack-preserving Security Protocol Transformations

The rigorous incremental development of security protocols has so far received much less attention than protocol verification techniques. In this work, we study security protocol transformations. These can serve both for simplifying protocols before verification and, in the other direction, for developing protocols by stepwise refinement of simple abstract protocols into complex concrete ones. The transformations preserve attacks on a class of security properties. Our work aims to improve our understanding of modifications of existing protocols and to enable the systematic development of entire families of new protocols. This complements existing work on post-hoc protocol verification.

[1]  John C. Mitchell,et al.  Abstraction and refinement in protocol derivation , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[2]  Dusko Pavlovic,et al.  Deriving Secrecy in Key Establishment Protocols , 2006, ESORICS.

[3]  Joshua D. Guttman Transformations between Cryptographic Protocols , 2009, ARSPA-WITS.

[4]  Gavin Lowe,et al.  Fault-Preserving Simplifying Transformations for Security Protocols , 2001, J. Comput. Secur..

[5]  Christoph Sprenger,et al.  Developing security protocols by refinement , 2010, CCS '10.

[6]  David A. Basin,et al.  Strong Invariants for the Efficient Construction of Machine-Checked Protocol Security Proofs , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.

[7]  Vitaly Shmatikov,et al.  Constraint solving for bounded-process cryptographic protocol analysis , 2001, CCS '01.

[8]  Dusko Pavlovic,et al.  An encapsulated authentication logic for reasoning about key distribution protocols , 2005, 18th IEEE Computer Security Foundations Workshop (CSFW'05).

[9]  Alessandro Armando,et al.  Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps , 2008, FMSE '08.

[10]  David A. Basin,et al.  Refining Key Establishment , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[11]  Joshua D. Guttman Security Goals and Protocol Transformations , 2011, TOSCA.

[12]  Sandro Etalle,et al.  A logic for constraint-based security protocol analysis , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[13]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[14]  Martín Abadi,et al.  Deciding knowledge in security protocols under equational theories , 2004, Theor. Comput. Sci..

[15]  John C. Mitchell,et al.  A derivation system and compositional logic for security protocols , 2005, J. Comput. Secur..