Abstract
To construct a highly-assured implementation of secure communication channels we must have clear definitions of the security services, the channels, and under what assumptions these channels provide the desired services. We formally define secure channel services and develop a detailed example. The example is a core protocol common to a family of secure email systems.We identify the necessary properties of cryptographic algorithms to ensure that the email protocol is secure, and we verify that the email protocol provides secure services under these assumptions. We carry out the definitions and verifications in higher-order logic using the HOL theorem-prover. All our definitions and theorems are conservative extensions to the logic of HOL.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
M. Abadi and A. Gordon. A calculus for cryptographic protocols: the spi calculus. Information and Computation, 148(1):1–70, January 1999. Also appeared as SRC Research Report 149.
Stephen H. Brackin. A HOL Extension of GNY for Automatically Analyzing Cryptographic Protocols. In Proceedings of 9th IEEE Computer Security Foundation Workshop, pages 62–76, June 1996.
M. Burrows, M. Abadi, and R. Needham. A Logic of Authentication. ACM Transactions on Computer Systems, 8(1):18–36, February 1990. Also appeared as SRC Research Report 39.
M.J.C. Gordon. Why Higher-Order Logic is a Good Formalism for Specifying and Verifying Hardware. In G. Milne and P.A. Subrahmanyam, editors, VLSI specification, verification and synthesis. North Holland, 1986.
M.J.C. Gordon. A Proof Generating System for Higher-Order Logic. In G. Birtwistle and P. A. Subramanyam, editors, VLSI specification, verification and synthesis. Kluwer, 1987.
Roberto Gorrieri and Paul Syverson. Varieties of Authentication. In Proceedings of 11th IEEE Computer Security Foundations Workshop, pages 79–82, 1998.
Charlie Kaufman, Radia Perlman, and Mike Speciner. Network Security Private Communication in a Public World. Prentice Hall, New Jersey, 1995.
Butler Lampson, Martin Abadi, Michael Burrows, and Edward P. Wobber. Authentication in Distributed Systems: Theory and Practice. ACM Transactions on Computer Systems, 10(4):265–310, November 1992. Also appeared as SRC Research Report 83.
J. Linn. Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures. RFC 1421, DEC, February 1993. ftp://ds.internic.net.
G. Lowe. Casper: A Compiler for the Analysis of Security Protocols. In Proceedings of 10th IEEE Computer Security Foundations Workshop, pages 18–30, 1997.
Catherine A. Meadows. The NRL Protocol Analyzer: An Overview. In The Proceedings of Second International Conference on the Practical Applications of Prolog, April 1994.
Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, New York, 1996.
R.M. Needham and M.D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, 21:993–999, 1978.
Jennifer G. Steiner, Clifford Neuman, and Jeffrey I. Schiller. Kerberos: An Authentication Service for Open Network Systems. In Proceedings of the USENIX Winter Conference, pages 191–202, February 1988.
Dan Zhou, Joncheng C. Kuo, Susan Older, and Shiu-Kai Chin. Formal Development of Secure Email. In Proceedings of the 32nd Hawaii International Conference on System Sciences, January 1999.
P.R. Zimmermann. The Official PGP User’s Guide. MIT Press, Cambridge, Massachusetts, 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhou, D., Chin, SK. (1999). Formal Analysis of a Secure Communication Channel: Secure Core-Email Protocol. In: Wing, J.M., Woodcock, J., Davies, J. (eds) FM’99 — Formal Methods. FM 1999. Lecture Notes in Computer Science, vol 1708. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48119-2_42
Download citation
DOI: https://doi.org/10.1007/3-540-48119-2_42
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66587-8
Online ISBN: 978-3-540-48119-5
eBook Packages: Springer Book Archive