From Secrecy to Authenticity in Security Protocols

We present a new technique for verifying authenticity in cryptographic protocols. This technique is fully automatic, it can handle an unbounded number of sessions of the protocol, and it is efficient in practice. It significantly extends a previous technique for the verification of secrecy. The protocol is represented in an extension of the pi calculus with fairly arbitrary cryptographic primitives. This protocol representation includes the authentication specification to be verified, but no other annotation. Our technique has been proved correct, implemented, and tested on various protocols from the literature. The experimental results show that we can verify these protocols in less than 1 s.

[1]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[2]  Simon S. Lam,et al.  A semantic model for authentication protocols , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Andrew D. Gordon,et al.  Authenticity by typing for security protocols , 2003 .

[4]  Thomas Y. C. Woo,et al.  Authentication for distributed systems , 1997, Computer.

[5]  Christoph Weidenbach,et al.  Towards an Automatic Analysis of Security Protocols in First-Order Logic , 1999, CADE.

[6]  Martín Abadi,et al.  Analyzing security protocols with secrecy types and logic programs , 2002, POPL '02.

[7]  Lawrence C. Paulson,et al.  The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[8]  Martín Abadi,et al.  Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[9]  A. W. Roscoe,et al.  Automating Data Independence , 2000, ESORICS.

[10]  G. Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol using CSP and FDR , 1996 .

[11]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[12]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[13]  Gerhard Goos,et al.  Computer Science Today: Recent Trends and Developments , 1995 .

[14]  Ross J. Anderson,et al.  Programming Satan's Computer , 1995, Computer Science Today.

[15]  Andrew D. Gordon,et al.  Types and effects for asymmetric cryptographic protocols , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[16]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[17]  Dawn Xiaodong Song Athena: a new efficient automatic checker for security protocol analysis , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[18]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[19]  Hugo Krawczyk,et al.  SKEME: a versatile secure key exchange mechanism for Internet , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[20]  Steve A. Schneider,et al.  Towards automatic verification of authentication protocols on an unbounded network , 2000, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13.

[21]  Roberto M. Amadio,et al.  The Game of the Name in Cryptographic Tables , 1999, ASIAN.

[22]  Bill Roscoe Internalising Agents in CSP Protocol Models , 2002 .

[23]  Ernie Cohen TAPS: a first-order verifier for cryptographic protocols , 2000, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13.

[24]  John A. Clark,et al.  A survey of authentication protocol literature: Version 1.0 , 1997 .

[25]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[26]  Andrew William Roscoe,et al.  Proving security protocols with model checkers by data independence techniques , 1999 .

[27]  P. S. Thiagarajan,et al.  Advances in Computing Science — ASIAN’99 , 1999, Lecture Notes in Computer Science.

[28]  Jonathan K. Millen,et al.  Proving secrecy is easy enough , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..