An Evaluation Method for Trusted Channel Based on Protocol Analysis

Trusted channel provides various security services for information products in the environment of insecure networks. It has become a focused problem that whether the services of trusted channel provided by security products wholly satisfy the security function requirement. Now most evaluation methods are very uncertain and incomplete because they are almost empirical and without theoretical support. This paper proposes an evaluation framework based on the Common Criteria with generalization and reusability in some sense. The formal verification methods are applied in the framework, combined with empirical analysis. As an example, SSH protocol is verified by Cord calculus with type system, cryptographic function, and extended inference rules.