A new logic for electronic commerce protocols

Theoretical Computer Science

Volumn 291, Issue 3, 2003, Pages 223-283

  Adi, Kamel ^a,b   Debbabi, Mourad ^a,c   Mejri, Mohamed ^a  

^a UNIVERSITÉ LAVAL   (Canada)

^b UNIVERSITÉ DU QUÉBEC EN OUTAOUAIS   (Canada)

^c PINTL   (United States)

Author keywords

Authentication; Cryptographic protocols; Denotational semantics; E commerce protocols; Good atomicity; Logic; Money atomicity; Secrecy; Tableau based proof system

Indexed keywords

CRYPTOGRAPHY; FORMAL LOGIC; NETWORK PROTOCOLS; SEMANTICS;

DENOTATIONAL SEMANTICS;

ELECTRONIC COMMERCE;

EID: 0037421015     PISSN: 03043975     EISSN: None     Source Type: Journal    
DOI: 10.1016/S0304-3975(02)00364-X     Document Type: Conference Paper

References (59)

1. M. Abadi, A.D. Gordon, A calculus for cryptographic protocols: The spi calculus, Technical Report, DEC/SRC, 1996.
2. Abadi M., Gordon A.D. A calculus for cryptographic protocols. The spi calculus 4th ACM Conf. on Computer and Communications Security. 1997;36-47 ACM Press, New York.
3. M. Abadi, M.R. Tuttle, A semantics for a logic of authentication, in: Proc. 10th Annu. ACM Symp. on Principles of Distributed Computing, 1991, pp. 201-216.
4. Bieber P., Boulahia-Cuppens N., Lehmann T., van Wickeren E. Abstract machines for communication security. Proc. Computer Security Foundations Workshop VI (CSFW '93). 1993;137-146 IEEE Computer Society Press, Washington, Brussels, Tokyo.
5. Bolignano D. An approach to the formal verification of cryptographic protocols. Proc. 3rd ACM Conf. on Computer and Communication Security, CCS'96, New Delhi, India. 1996;106-118 ACM Press, New York.
6. Boyd C. 'Security architectures using formal methods. J. Select. Areas Commun. 11(5):1990;694-701.
7. C. Boyd C. A framework for authentication. Proc. European Symp. on Research in Computer Security, ESORICS 92, Lecture Notes in Computer Science. Vol. 648:1992;273-292 Springer, Berlin.
8. Burrows M., Abadi M., Needham R. Rejoinder to nessett. ACM Oper. Systems Rev. 24(2):1990;39-40.
9. M. Burrows, M. Abadi, R. Needham, A logic of authentication, in: Proc. Royal Society of London A, Vol. 426, 1998, pp. 233-271.
10. L. Buttyan, Formal methods in the design of cryptographic protocols (state of the art), Technical Report No. SSC/1999/38, Swiss Federal Institute of Technology (EPFL), Lausanne, 1999.
11. U. Carlsen, Formal specification and analysis of cryptographic protocols, Ph.D. Thesis, Université PARIS XI, 1994.
12. J. Clark, J. Jacob, A survey of authentication protocol literature, 1996, unpublished article.
13. E. Clarke, W. Marrero, S. Jha, A machine checkable logic of knowledge for specifying security properties of electronic commerce protocols, in: Proc. IFIP Working Conf. on Programming Concepts and Methods, PROCOMET.
14. Cleaveland R. Tableau-based model checking in the propositional mu-calculus. Acta Inform. 27(8):1990;725-747.
15. Diffie W., Oorschot P.C.V., Wiener M.J. Authentication and authenticated key exchanges. Designs, Codes Cryptography J. 2(2):1992;107-125.
16. Dill D.L. The murphi verification system. Alur Rajeev, A. Henzinger Thomas Proc. 8th Internat. Conf. on Computer Aided Verification CAV, Lecture Notes in Computer Science. Vol. 1102:1996;390-393 Springer, New Brunswick, NJ, USA.
17. D. Dolev, A. Yao, On the security of public key protocols, in: IEEE Transactions on Information Theory, 1983, pp. 198-208.
18. Gaarder K., Snekkenes E. Applying a formal analysis technique to the CCITT X.509 Strong two-way authentication protocol. J. Cryptol. 3(2):1991;81-98.
19. P. Gardiner, D. Jackson, J. Hulance, B. Roscoe, Security modeling in CSP and FDR: Deliverable bundle 2, Technical Report, Formal Systems (Europe) Ltd, 1996.
20. P. Gardiner, D. Jackson, B. Roscoe, Security modeling in CSP and FDR: Deliverable bundle 3, Technical Report, Formal Systems (Europe) Ltd, 1996.
21. V.D. Gligor, R. Kailar, On belief evolution in authentication protocols, in: Proc. IEEE Computer Security Foundations Workshop IV, Franconia, 1991, pp. 103-116.
22. Gollman D. What do we mean by entity authentication. Proc. 1996 IEEE Symp. on Research in Security and Privacy. 1996;46-54 IEEE Computer Society Press, Silver Spring, MD.
23. Gong L., Needham R., Yahalom R. Reasoning about belief in cryptographic protocols. Cooper D., Lunt T. Proc. 1990 IEEE Symp. on Research in Security and Privacy. 1990;234-248 IEEE Computer Society Press, Silver Spring, MD.
24. Goubault-Larrecq J., Mackie I. Proof Theory and Automated Deduction. Applied Logic Series. Vol. 6:1997;Kluwer Academic Publishers, Dordrecht.
25. Hoare C.A.R. Communicating Sequential Process. 1985;Prentice-Hall, Englewood Cliffs, NJ.
26. Iliano C., Durgin N., Lincoln P., Mitchell J., Scedrov A. Relating strands and multiset rewriting for security protocol analysis. Syverson P. Proc. 13th IEEE Computer Security Foundations Workshop - CSFW'00. 2000;35-51 IEEE Computer Society Press, Cambridge, UK.
27. Kemmerer R.A. Using formal verification techniques to analyze encryption protocols. Proc. 1987 IEEE Symp. on Research in Security and Privacy. 1987;134-139 IEEE Computer Society Press, Silver Spring, MD.
28. Kemmerer R.A. Analyzing encryption protocols using formal verification techniques. IEEE J. Select. Areas Commun. 7(4):1989;448-457.
29. Kemmerer R., Meadows C., Millen J. Three systems for cryptographic protocol analysis. J. Cryptol. 7(2):1994;79-130.
30. Liebl A. Authentication in distributed systems. a bibliography Oper. Systems Rev. 27(4):1993;122-136.
31. Lowe G. An attack on the Needham-Schroeder public key authentication protocol. Inform. Process. Lett. 56(3):1995;131-136.
32. G. Lowe, SPLICE-AS: A case study in using CSP to detect errors in security protocols, Technical Report, Programming Research Group, Oxford, 1996.
33. G. Lowe, Some new attacks upon security protocols, in: Proc. 9th IEEE Computer Security Foundations Workshop, 1996, pp. 162-169.
34. Lowe G. A hierarchy of authentication specifications. Proc. 10th IEEE Computer Security Foundations Workshop (CSFW '97). 1997;31-44 IEEE, Washington, Brussels, Tokyo.
35. Mao W., Boyd C. Towards the formal analysis of security protocols. Proc. Computer Security Foundations Workshop VI. 1993;147-158 IEEE Computer Society Press, Silver Spring, MD.
36. C. Meadows, Formal verification of cryptographic protocols: A survey, in: ASIACRYPT: Advances in Cryptology - ASIACRYPT: Internat. Conf. on the Theory and Application of Cryptology, Lecture Notes in Computer Science, Vol. 917, Springer, Berlin, 1994, pp. 133-150.
37. Meadows C. The NRL protocol analyzer: an overview. J. Logic Programming. 26:1996;113-131.
38. R. Milner, The polyadic π -calculus: A tutorial, Technical Report, Laboratory for Foundations of Computer Science, Department of Computer Science, University of Edinburgh, 1991.
39. R. Milner, J. Parrow, D. Walker, A calculus of mobile processes, Technical Report, Laboratory for Foundations of Computer Science, Department of Computer Science, University of Edinburgh, 1989.
40. Milner R., Parrow J., Walker D. A calculus of mobile processes (Parts I and II). Inform. Comput. 100:1992;1-77.
41. Mitchell J.C., Mitchell M., Stern U. Automated analysis of cryptographic protocols using murphi. Proc. 1997 IEEE Symp. on Security and Privacy. 1997;141-153 IEEE Computer Society Press, Silver Spring, MD.
42. J.C. Mitchell, V. Shmatikov, U. Stern, Finite-state analysis of SSL 3.0, in: Proc. DIMACS Workshop on Design and Formal Verification of Security Protocols, September 3-5, 1997, DIMACS Center, CoRE Building, Rutgers University, New Jersey, USA, 1997, pp. 1-20.
43. Paulson L.C. The inductive approach to verifying cryptographic protocols. J. Comput. Security. 6:1998;85-128.
44. Roscoe A.W. Intentional specifications of security protocols. Proc. 9th IEEE Computer Security Foundations Workshop. 1996;28-38 IEEE Computer Society Press, Silver Spring, MD.
45. B. Roscoe, P. Gardiner, Security modeling in CSP and FDR: Final Report, Technical Report, Formal Systems Europe, 1995.
46. A.D. Rubin, P. Honeyman, Formal methods for the analysis of authentication protocols, Technical Report No. 93-7, Internal Draft, Center for Information Technology Integration, University of Michigan, MI, 1993.
47. Schneider S. Security properties and CSP. Proc. 1996 IEEE Symp. on Security and Privacy. 1996;174-187 IEEE Computer Society Press, Silver Spring, MD.
48. V. Shmatikov, J.C. Mitchell, Analysis of a fair exchange protocol, Proc. 7th Annu. Symp. on Network and Distributed System Security, San Diego, 2000, pp. 119-128.
49. E. Snekkenes, Authentication in open systems, 10th IFIP WG 6.1 Symp. on Protocol Specification, Testing and Verification (1990) 313-324.
50. E. Snekkenes, Formal specification and analysis of cryptographic protocols, Ph.D. Thesis, Faculty of Mathematics and Natural Sciences, University of Oslo, Norwegian Defense Research Establishment, P.O. Box 25, N-2007, Kjeller, Norway, 1995.
51. Syverson P. The use of logic in the analysis of cryptographic protocols. Lunt T.F., McLean J. Proc. 1991 IEEE Symp. on Security and Privacy. 1991;156-170 IEEE Computer Society Press, Silver Spring, MD.
52. Syverson P. Knowledge, belief, and semantics in the analysis of cryptographic protocols. J. Comput. Security. 1(3):1992;317-334.
53. Syverson P., Meadows C. A formal language for cryptographic protocol requirements. Designs, Codes Cryptography. 7(1/2):1996;27-59.
54. P. Syverson, C. Meadows, C. Iliano, Dolev-Yao is no better than Machiavelli, in: P. Degano (Ed.), Proc. 1st Workshop on Issues in the Theory of Security - WITS'00, Geneva, Switzerland, 2000, pp. 87-92.
55. Tarski A. A lattice-theoretical fixpoint theorem and its applications. Pacific J. Math. 5:1955;285-309.
56. The commission of the European Communities CEC DG-XIII, Security Investigation Final Report, Technical Report No. S2011/7000/D010 7000 1000, CEC, 1993.
57. V. Varadharajan, Formal specification of a secure distributed system, in: Proc. 12th National Computer Security Conference, 1989, pp. 146-171.
58. Varadharajan V. Use of formal techniques in the specification of authentication protocols. Comput. Standards Interfaces. 9:1990;203-215.
59. Woo T.Y.C., Lam S.S. A lesson on authentication protocol design. Oper. Systems Rev. 28:1994;24-37.