Term-based composition of security protocols

In the context of security protocol parallel composition, where messages belonging to different protocols can intersect each other, we introduce a new paradigm: term-based composition (i.e. the composition of message components also known as terms). First, we create a protocol specification model by extending the original strand spaces. Then, we provide a term composition algorithm based on which new terms can be constructed. To ensure that security properties are maintained, we introduce the concept of term connections to express the existing connections between terms and encryption contexts. We illustrate the proposed composition process by using two existing protocols.

[1]  Andrew D. Gordon,et al.  Authenticity by typing for security protocols , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[2]  John C. Mitchell,et al.  Protocol Composition Logic (PCL) , 2007, Computation, Meaning, and Logic.

[3]  F. Javier Thayer Fábrega,et al.  Strand spaces: proving security protocols correct , 1999 .

[4]  Genge Bela,et al.  Verifying the Independence of Security Protocols , 2007, 2007 IEEE International Conference on Intelligent Computer Communication and Processing.

[5]  Stig Fr. Mjølsnes,et al.  A framework for compositional verification of security protocols , 2006, Inf. Comput..

[6]  Hyun-Jin Choi,et al.  Security protocol design by composition , 2006 .

[7]  Levente Buttyán,et al.  BUILDING BLOCKS FOR SECURE SERVICES: AUTHENTICATED KEY TRANSPORT AND RATIONAL EXCHANGE PROTOCOLS , 2002 .

[8]  Ran Canetti,et al.  Universal Composition with Joint State , 2003, CRYPTO.

[9]  Joshua D. Guttman,et al.  Strand Spaces: Proving Security Protocols Correct , 1999, J. Comput. Secur..

[10]  Simon S. Lam,et al.  A lesson on authentication protocol design , 1994, OPSR.

[11]  Genge Bela,et al.  A typed specification for security protocols , 2006 .

[12]  Gavin Lowe,et al.  Some new attacks upon security protocols , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[14]  Gavin Lowe,et al.  Towards a completeness result for model checking of security protocols , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[15]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[16]  Cas J. F. Cremers,et al.  Compositionality of Security Protocols: A Research Agenda , 2004, VODCA@FOSAD.

[17]  Joshua D. Guttman,et al.  Security protocol design via authentication tests , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[18]  Catherine A. Meadows A procedure for verifying security against type confusion attacks , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[19]  Lawrence C. Paulson,et al.  Relations Between Secrets: Two Formal Analyses of the Yahalom Protocol , 2001, J. Comput. Secur..