Automated refinement of security protocols

The design of security protocols is usually performed manually, with pen and paper, by security experts. Assumptions are rarely specified explicitly. We present a new approach to security specification: the protocol is refined fully automatically into a specification that contains assumptions sufficient to execute the protocol. As a result, a protocol designer using our method does not have to be a security expert to design a protocol, and can learn immediately how the protocol should work in practice.
