A Generic Model for Analyzing Security Protocols

Formal methods have proved useful in the analysis of security protocols. The paper proposes a generic model for the analysis of the security protocols (GSPM for short) that supports message passing semantics and constructs for modelling the behavior of agents. GSPM is simple, but it is expressive enough to express security protocols and properties in a precise and faithful manner. Using GSPM it is shown how security properties such as confidentiality, authentication, non-repudiation, fairness, and anonymity can be described. Finally an example of formal verification is illustrated.

[1]  Simon L. Peyton Jones,et al.  Imperative functional programming , 1993, POPL '93.

[2]  Roberto Gorrieri,et al.  The Compositional Security Checker: A Tool for the Verification of Information Flow Security Properties , 1997, IEEE Trans. Software Eng..

[3]  Michele Boreale,et al.  Symbolic Trace Analysis of Cryptographic Protocols , 2001, ICALP.

[4]  Rajeev Alur,et al.  A Temporal Logic of Nested Calls and Returns , 2004, TACAS.

[5]  Steve A. Schneider Security properties and CSP , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[6]  C. A. R. Hoare,et al.  Communicating Sequential Processes (Reprint) , 1983, Commun. ACM.

[7]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[8]  Flemming Nielson,et al.  Automatic validation of protocol narration , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[9]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[10]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[11]  Glynn Winskel,et al.  Events in security protocols , 2001, CCS '01.

[12]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[13]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[14]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[15]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[16]  Robin Milner Action Calculi, or Syntactic Action Structures , 1993, MFCS.

[17]  Lawrence C. Paulson,et al.  The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[18]  Robin Milner,et al.  Communication and concurrency , 1989, PHI Series in computer science.

[19]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[20]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[21]  Robin Milner,et al.  Theories for the Global Ubiquitous Computer , 2004, FoSSaCS.

[22]  Luca Cardelli,et al.  Mobile Ambients , 1998, Foundations of Software Science and Computation Structure.

[23]  Andrew M. Pitts,et al.  Observable Properties of Higher Order Functions that Dynamically Create Local Names, or What's new? , 1993, MFCS.