A Simple Language for Real-Time Cryptographic Protocol Analysis

A real-time process algebra, enhanced with specific constructs for handling cryptographic primitives, is proposed to model cryptographic protocols in a simple way.We show that some security properties, such as authentication and secrecy, can be re-formulated in this timed setting. Moreover, we show that they can be seen as suitable instances of a general information flow-like scheme, called tGNDC, parametric w.r.t. the observational semantics of interest.We show that, when considering timed trace semantics, there exists a most powerful hostile environment (or enemy) that can try to compromise the protocol. Moreover, we hint some compositionality results.

[1]  Roberto Gorrieri,et al.  Real-time information flow analysis , 2003, IEEE J. Sel. Areas Commun..

[2]  Matthew Hennessy,et al.  A Temporal Process Algebra , 1990, FORTE.

[3]  Roberto Gorrieri,et al.  A Classification of Security Properties , 1993 .

[4]  Joshua D. Guttman,et al.  Protocol independence through disjoint encryption , 2000, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13.

[5]  Roberto Gorrieri,et al.  A comparison of three authentication properties , 2003, Theor. Comput. Sci..

[6]  Gavin Lowe,et al.  Analysing a Stream Authentication Protocol Using Model Checking , 2002, ESORICS.

[7]  Fabio Martinelli,et al.  A Uniform Approach for the Definition of Security Properties , 1999, World Congress on Formal Methods.

[8]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[9]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, Inf. Comput..

[10]  Roberto Gorrieri,et al.  Secrecy in Security Protocols as Non Interference , 1999, Workshop on Secure Architectures and Information Flow.

[11]  Irek Ulidowski,et al.  Extending Process Languages with Time , 1997, AMAST.

[12]  Jan Friso Groote,et al.  Transition System Specifications with Negative Premises , 1993, Theor. Comput. Sci..

[13]  Roberto Gorrieri,et al.  Non Interference for the Analysis of Cryptographic Protocols , 2000, ICALP.

[14]  Robin Milner,et al.  Communication and concurrency , 1989, PHI Series in computer science.

[15]  Neil Evans,et al.  Analysing Time Dependent Security Properties in CSP Using PVS , 2000, ESORICS.

[16]  Nicoletta De Francesco,et al.  Authenticity in a reliable protocol for mobile computing , 2003, SAC '03.

[17]  Daniele Gorla,et al.  On Compositional Reasoning in the Spi-calculus , 2002, FoSSaCS.

[18]  Roberto Gorrieri,et al.  A Taxonomy of Security Properties for Process Algebras , 1995, J. Comput. Secur..