On the Security Effectiveness of Cryptographic Protocols

We introduce the notion of security effectiveness, illustrate its use in the context of cryptographic protocol analysis, and argue that it requires analysis of protocol property dependencies. We provide examples to show that, without dependency analysis, the use of some logics for cryptographic protocol analysis yields results that are inconsistent or unrealistic in practice. We identify several types of property dependencies whose use in protocol analysis methods can yield realistic analyses.

[1]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[2]  Moti Yung,et al.  Systematic Design of Two-Party Authentication Protocols , 1991, CRYPTO.

[3]  Stephen M. Matyas Key Handling with Control Vectors , 1991, IBM Syst. J..

[4]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[5]  Virgil D. Gligor,et al.  On belief evolution in authentication protocols , 1991, Proceedings Computer Security Foundations Workshop IV.

[6]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[7]  Li Gong,et al.  Logics for cryptographic protocols-virtues and limitations , 1991, Proceedings Computer Security Foundations Workshop IV.

[8]  Virgil D. Gligor,et al.  On the formal specification and verification of a multiparty session protocol , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  Don Davis,et al.  Network security via private-key certificates , 1990, OPSR.

[10]  Virgil D. Gligor,et al.  On message integrity in cryptographic protocols , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[11]  Virgil D. Gligor,et al.  Reasoning about Message Integrity , 1995 .

[12]  Michael J. Wiener,et al.  Cryptanalysis of Short RSA Secret Exponents (Abstract) , 1990, EUROCRYPT.

[13]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.