A derivation system and compositional logic for security protocols

Journal of Computer Security

Volumn 13, Issue 3, 2005, Pages 423-482

  Datta, Anupam ^a   Derek, Ante ^a   Mitchell, John C ^a   Pavlovic, Dusko ^b  

^a Stanford University   (United States)

^b KESTREL INSTITUTE   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

FORMAL LOGIC; MATHEMATICAL MODELS; NETWORK PROTOCOLS;

AUTHENTICATION; COMPOSITIONAL LOGIC; SECURITY PROTOCOLS; STATION-TO-STATION (STS);

SECURITY OF DATA;

EID: 24144442872     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2005-13304     Document Type: Conference Paper

References (64)

1. M. Abadi and A. Gordon, A calculus for cryptographic protocols: the spi calculus, Information and Computation, 148(1) (1999), 1-70. Expanded version available as SRC Research Report 149 (January 1998).
2. W. Aiello, S. Bellovin, M. Blaze, R. Canetti, J. Ioannidis, A. Keromytis and O. Reingold, Just fast keying (JFK), 2002. Internet draft.
3. J. Alves-Foss and T. Soule, A weakest precondition calculus for analysis of cryptographic protocols, in: DIMACS Workshop on Design and Formal Verification of Crypto Protocols, 1997.
4. M. Barr and C. Wells, Category Theory for Computing Science. New York.
5. M. Bellare, R. Canetti and H. Krawczyk, A modular approach to the design and analysis of authentication and key exchange protocols, in: Proceedings of 30th Annual Symposium on the Theory of Computing, ACM, 1998.
6. M. Bellare and P. Rogaway, Entity authentication and key distribution, in: Advances in Cryprtology - Crypto'93 Proceedings, Springer-Verlag, 1994.
7. G. Berry and G. Boudol, The chemical abstract machine, Theoretical Computer Science 96 (1992), 217-248.
8. R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva and M. Yung, Systematic design of a family of attack resistant authentication protocols, IEEE Journal on Selected Areas in Communications 1(5) (1993).
9. M. Burrows, M. Abadi and R. Needham, A logic of authentication, ACM Tmnsactions on Computer Systems.
10. L. Buttyan, S. Staamann and U. Wilhelm, A simple logic for authentication protocol design, in: Proceedings of 11th IEEE Computer Security Foundations Workshop, IEEE, 1999, pp. 153-162.
11. R. Canetti, Universally composable security: A new paradigm for cryptographic protocols, in: Proc. 42nd IEEE Symp. on the Foundations of Computer Science, IEEE, 2001. Full version available at http://eprint.iacr.org/2000/067/.
12. R. Canetti, C. Meadows and P. Syverson, Environmental requirements for authentication protocols, in: Proceedings of Software Security - Theories and Systems, Mext-NSF-JSPS International Symposium, ISSS, LNCS 2609, Springer-Verlag, 2003, pp. 339-355.
13. J.A. Clark and J.L. Jacob, A survey of authentication protocol literature, Web Draft Version 1.0 available from www.cs.york.ac.uk/jac/, 1997.
14. J.A. Clark and J.L. Jacob, Searching for a solution: Engineering tradeoffs and the evolution of provably secure protocols, in: Proceedings IEEE Symposium on Research in Security and Privacy, IEEE, 2000, pp. 82-95.
15. A. Datta, A. Derek, J.C. Mitchell and D. Pavlovic, A derivation system for security protocols and its logical formalization, in: Proceedings of 16th IEEE Computer Security Foundations Workshop, IEEE, 2003, pp. 109-125.
16. A. Datta, A. Derek, J.C. Mitchell and D. Pavlovic, Secure protocol composition (Extended abstract), in: Proceedings of ACM Workshop on Formal Methods in Security Engineering, 2003, pp. 11-23.
17. A. Datta, A. Derek, J.C. Mitchell and D. Pavlovic, Abstraction and refinement in protocol derivation, in: Proceedings of 17th IEEE Computer Security Foundations Workshop, IEEE, 2004, pp. 30-45.
18. A. Datta, A. Derek, J.C. Mitchell and D. Pavlovic, Secure protocol composition, in: Proceedings of 19th Annual Conference, on Mathematical Foundations of Programming Semantics, Volume 83 of Electronic Notes in Theoretical Computer Science, 2004.
19. A. Datta, J.C. Mitchell and D. Pavlovic, Derivation of the JFK protocol, Technical Report KES.U.02.03, Kestrel Institute, 2002.
20. W. Diffie and M.E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory IT-22(6) (1976), 644-654.
21. W. Diffie, P.C. van Oorschot and M.J. Wiener, Authentication and authenticated key exchanges, Designs, Codes and Cryptography 2 (1992), 107-125.
22. D. Dolev and A. Yao, On the security of public-key protocols, IEEE Transactions on Information Theory 2(29) (1983).
23. N. Durgin, J.C. Mitchell and D. Pavlovic, A compositional logic for protocol correctness, in: Proceedings of 14th IEEE Computer Security Foundations Workshop, IEEE, 2001, pp. 241-255.
24. N. Durgin, J.C. Mitchell and D. Pavlovic, A compositional logic for proving security properties of protocols, Journal of Computer Security 11 (2003), 677-721.
25. L. Gong and P. Syverson, Fail-stop protocols: An approach to designing secure protocols, Dependable Computing for Critical Applications 5 (1998), 79-100.
26. J.D. Guttman and F.J.T. Fábrega, Protocol independence through disjoint encryption, in: Proceedings of 13th IEEE Computer Security Foundations Workshop, IEEE, 2000, pp. 24-34.
27. D. Harkins and D. Carrel, The Internet Key Exchange (IKE), RFC 2409, 1998.
28. N. Heintze and J.D. Tygar, A model for secure protocols and their composition, IEEE Transactions on Software Engineering 22(1) (1996), 16-30.
29. IEEE, Entity authentication mechanisms - part 3: Entity authentication using asymmetric techniques, Technical report ISO/IEC IS 9798-3, ISO/IEC, 1993.
30. J. Kelsey, B. Schneier and D. Wagner, Protocol interactions and the chosen protocol attack, in: Proceedings of the International Workshop on Security Protocols, 1997.
31. R. Kemmerer, C. Meadows and J. Millen, Three systems for cryptographic protocol analysis, J. Cryptology 7(2) (1994), 79-130.
32. H. Krawczyk, The IKE-SIGMA protocol, Internet draft, 2002.
33. G. Lowe, An attack on the Needham-Schroeder public-key protocol, Info. Proc. Letters 56 (1995), 131-133.
34. G. Lowe, Some new attacks upon security protocols, in: Proceedings of 9th IEEE Computer Security Foundations Workshop, IEEE, 1996, pp. 162-169.
35. N. Lynch, I/O automata models and proofs for shared-key communication systems, in: Proceedings of 12th IEEE Computer Security Foundations Workshop, IEEE, 1999, pp. 14-29.
36. Z. Manna and A. Pnueli, Temporal Verification of Reactive Systems: Safety, Springer-Verlag, 1995.
37. H. Mantel, On the composition of secure systems, in: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, IEEE Computer Society, 2002, pp. 88-101.
38. P. Martin-Lof, Intuitionistic Type Theory, Bibliopolis, 1984.
39. D. McCullough, Noninterference and the composability of security properties, in: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, IEEE Computer Society, 1988, pp. 177-186.
40. D. McCullough, A hookup theorem for multilevel security, IEEE Transactions on Software Engineering 16(6) (1990), 563-568.
41. J. McLean, Security models and information flow, in: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, IEEE Computer Society, 1990.
42. J. McLean, A general theory of composition for a class of "possibilistic" properties, IEEE Transactions on Software Engineering 22(1) (1996), 53-67.
43. C. Meadows, A model of computation for the NRL protocol analyzer, in: Proceedings of 7th IEEE Computer Security Foundations Workshop, IEEE, 1994, pp. 84-89.
44. C. Meadows, The NRL protocol analyzer: An overview, Journal of Logic Programming 26(2) (1996), 113-131.
45. C. Meadows, Analysis of the Internet Key Exchange protocol using the NRL protocol analyzer, in: Proceedings of the IEEE Symposium on Security and Privacy, IEEE, 1998.
46. A.J. Menezes, P.C. van Oorschot and S.A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.
47. R. Milner, Action structures, LFCS report ECS-LFCS-92-249, Department of Computer Science, University of Edinburgh, JCMB, The Kings Buildings, Mayfield Road, Edinburgh, December 1992.
48. R. Milner, Action calculi and the pi-calculus, in: NATO Summer School on Logic and Computation, Marktoberdorf, 1993.
49. R. Milner, Action calculi, or syntactic action structures, in: Proceedings of MFCS'93, A.M. Borzyszkowski and S. Sokolowski, eds, Volume 711 of Lecture Notes in Computer Science, Springer-Verlag, 1993, pp. 105-121.
50. R. Milner, Communicating and Mobile Systems: The π-Calculus, Cambridge University Press, Cambridge, UK, 1999.
51. J.C. Mitchell, M. Mitchell and U. Stern, Automated analysis of cryptographic protocols using Murφ, in: Proc. IEEE Symp. Security and Privacy, 1997, pp. 141-151.
52. J.C. Mitchell, A. Ramanathan, A. Scedrov and V. Teague, A probabilistic polynomial-time calculus for the analysis of cryptographic protocols (preliminary report), in: 17th Annual Conference on the Mathematical Foundations of Programming Semantics, Arhus, Denmark, 2001, S. Brookes and M. Mislove, eds, Volume 45, Electronic notes in Theoretical Computer Science, 2001.
53. R. Needham and M. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM 21(12) (1978), 993-999.
54. L. Paulson, Proving properties of security protocols by induction, in: 10th IEEE Computer Security Foundations Workshop, 1997, pp. 70-83.
55. D. Pavlovic, Categorical logic of names and abstraction in action calculi, Mathematical Structures in Computer Science 7(6) (1997), 619-637.
56. D. Peled, Software Reliability Methods, Springer-Verlag, 2001.
57. A. Perrig and D. Song, A first step towards the automatic generation of security protocols, in: Proceedings of ISOC Network and Distributed Systems Security Symposium, 2000.
58. B. Pfitzmann and M. Waidner, A model for asynchronous reactive systems and its application to secure message transmission, in: IEEE Symposium on Security and Privacy, Washington, 2001, pp. 184-200.
59. A. Ramanathan, J.C. Mitchell, A. Scedrov and V. Teague, Probabilistic bisimulation and equivalence for security analysis of network protocols, in: FOSSACS 2004 - Foundations of Software Science and Computation Structures, 2004.
60. D. Song, Athena: a new efficient automatic checker for security protocol analysis, in: Proceedings of 12th IEEE Computer Security Foundations Workshop, IEEE, 1999, pp. 192-202.
61. P. Syverson and C. Meadows, A formal language for cryptographic protocol requirements, Designs, Codes and Cryptography 7(1-2) (1996), 27-59.
62. F.J. Thayer-Fábrega, J.C. Herzog and J.D. Guttman, Strand spaces: Why is a security protocol correct? in: Proceedings of the 1998 IEEE Symposium on Security and Privacy, Oakland, CA, IEEE Computer Society Press, 1998, pp. 160-171.
63. F.J. Thayer-Fábrega, J.C. Herzog and J.D. Guttman, Mixed strand spaces, in: Proceedings of 12th IEEE Computer Security Foundations Workshop, IEEE, 1999.
64. T.Y.C. Woo and S.C. Lam, A semantic model for authentication protocols, in: Proceedings IEEE Symposium on Research in Security and Privacy, 1993.