Abstract
Much attention has been paid to the design of languages for the specification of cryptographic protocols. However, the ability to specify their desired behavior correctly is also important; indeed many perceived protocol flaws arise out of a misunderstanding of the protocol’s requirements. In this talk we give a brief survey of the history of requirements specification in formal analysis of cryptographic protocols. We outline the main approaches and describe some of the open issues.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Meadows, C. (2003). What Makes a Cryptographic Protocol Secure? The Evolution of Requirements Specification in Formal Cryptographic Protocol Analysis. In: Degano, P. (eds) Programming Languages and Systems. ESOP 2003. Lecture Notes in Computer Science, vol 2618. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36575-3_2
DOI: https://doi.org/10.1007/3-540-36575-3_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00886-6
Online ISBN: 978-3-540-36575-4
eBook Packages: Springer Book Archive