Abstract
Authentication protocols are very simple distributed algorithms whose purpose is to enable two entities to achieve mutual and reliable agreement on some piece of information, typically the identity of the other party, its presence, the origin of a message, or its intended destination. Achieving the intended agreement guarantees is subtle because they are typically the result of the encryption/decryption of messages composed of different parts, with each part providing a “piece” of the authentication guarantee. This tutorial paper presents the basics of authentication protocols and illustrates a specific technique for statically analysing protocol specifications. The technique allows us to validate protocols in the presence of both malicious outsiders and compromised insiders, with no limitation on the number of parallel sessions.
This paper covers the course “Static Analysis of Authentication” given by the author at the FOSAD’04 school. The static analysis technique described here is joint work with Michele Bugliesi and Matteo Maffei (Università di Venezia) [8,12].
Work partially supported by EU Contract IST-2001-32617 ‘MyThS’ and by MIUR Project ‘Abstract Interpretation: Design and Applications’ (AIDA).
References
Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theor. Comput. Sci. 298(3), 387–415 (2003)
Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148(1), 1–70 (1999)
Abadi, M., Needham, R.: Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering 22(1), 6–15 (1996)
Blanchet, B., Podelski, A.: Verification of cryptographic protocols: Tagging enforces termination. In: Proceedings of Foundations of Software Science and Computation Structures, pp. 136–152 (2003)
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Riis Nielson, H.: Automatic validation of protocol narration. In: Proceedings of 16th IEEE Computer Security Foundations Workshop (CSFW 2003), pp. 126–140. IEEE Computer Society Press, Los Alamitos (June 2003)
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Riis Nielson, H.: Control flow analysis can find new flaws too. In: Proceedings of the Workshop on Issues on the Theory of Security (WITS 2004), ENTCS. Elsevier, Amsterdam (2004)
Boreale, M.: Symbolic trace analysis of cryptographic protocols. In: Orejas, F., Spirakis, P.G., van Leeuwen, J. (eds.) ICALP 2001. LNCS, vol. 2076, pp. 667–681. Springer, Heidelberg (2001)
Bugliesi, M., Focardi, R., Maffei, M.: Dynamic types for authentication (full version) (submitted for Publication)
Bugliesi, M., Focardi, R., Maffei, M.: Principles for entity authentication. In: Broy, M., Zamulin, A.V. (eds.) PSI 2003. LNCS, vol. 2890, pp. 294–307. Springer, Heidelberg (2004)
Bugliesi, M., Focardi, R., Maffei, M.: Compositional analysis of authentication protocols. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 140–154. Springer, Heidelberg (2004)
Bugliesi, M., Focardi, R., Maffei, M.: Analysis of typed-based analyses of authentication protocols. In: Proceedings of 18th IEEE Computer Security Foundations Workshop (CSFW 2005). IEEE Press, Los Alamitos (2005) (to appear)
Bugliesi, M., Focardi, R., Maffei, M.: Authenticity by tagging and typing. In: 2nd ACM Workshop on Formal Methods in Security Engineering: From Specifications to Code (FMSE 2004), pp. 1–12. ACM press, New York (October 2004) ISBN 1-58113-971-3
Clark, J., Jacob, J.: A survey of authentication protocol literature: Version 1.0 (November 1997), http://www.cs.york.ac.uk/~jac/papers/drareview.ps.gz
Focardi, R., Gorrieri, R., Martinelli, F.: Non interference for the analysis of cryptographic protocols. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 354–372. Springer, Heidelberg (2000)
Focardi, R., Maffei, M., Placella, F.: Inferring authentication tags. In: Proceedings of IFIP WG 1.7, ACM SIGPLAN and GI FoMSESS Workshop on Issues on the Theory of Security (WITS 2005). ACM Digital Library, New York (January 2005)
Gordon, A., Jeffrey, A.: Authenticity by typing for security protocols. In: Proceedings of 14th IEEE Computer Security Foundations Workshop (CSFW 2001), pp. 145–159. IEEE Computer Society Press, Los Alamitos (June 2001)
Gordon, A., Jeffrey, A.: Types and effects for asymmetric cryptographic protocols. In: Proceedings of 15th IEEE Computer Security Foundations Workshop (CSFW 2002), June 24-26, pp. 77–91. IEEE Computer Society Press, Los Alamitos (2002)
Gordon, A., Jeffrey, A.: Types and effects for asymmetric cryptographic protocols. Journal of Computer Security 12(3/4), 435–484 (2004)
Guttman, J.D., Thayer Fàbrega, F.J.: Authentication tests and the structure of bundles. Theoretical Computer Science 283(2), 333–380 (2002)
Guttman, J.D., Thayer, F.J., Carlson, J.A., Herzog, J.C., Ramsdell, J.D., Sniffen, B.T.: Trust management in strand spaces: a rely-guarantee method. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 325–339. Springer, Heidelberg (2004)
Guttman, J.D., Thayer, F.J.: Protocol independence through disjoint encryption. In: Proceedings of 13th IEEE Computer Security Foundations Workshop (CSFW 2000), pp. 24–34. IEEE Computer Society Press, Los Alamitos (July 2000)
Heather, J., Lowe, G., Schneider, S.: How to prevent type flaw attacks on security protocols. In: Proceedings of 13th IEEE Computer Security Foundations Workshop (CSFW 2000), pp. 255–268. IEEE Computer Society Press, Los Alamitos (July 2000)
Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)
Lowe, G.: A Hierarchy of Authentication Specification. In: Proceedings of the 10th Computer Security Foundation Workshop (CSFW 1997), pp. 31–44. IEEE Computer Society Press, Los Alamitos (1997)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Mitchell, J.C., Mitchell, M., Stern, U.: Automated analysis of cryptographic protocols using murφ. In: Proceedings of the 1997 IEEE Symposium on Research in Security and Privacy, pp. 141–153. IEEE Computer Society Press, Los Alamitos (1997)
Needham, R.M., Schroeder, M.D.: Authentication revisited. ACM SIGOPS Operating Systems Review 21(1), 7–7 (1987)
Paulson, L.C.: Relations between secrets: Two formal analyses of the yahalom protocol. Journal of Computer Security 9(3), 197–216 (2001)
Stinson, D.R.: Cryptography, Theory and Practice. CRC Press, Boca Raton (1995)
Thayer, J., Herzog, J., Guttman, J.: Strand spaces: Proving security protocols correct. Journal of Computer Security 7(2/3) (1999)
Woo, T.Y.C., Lam, S.S.: A Semantic Model for Authentication Protocols. In: Proceedings of 1993 IEEE Symposium on Security and Privacy, pp. 178–194 (1993)
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Focardi, R. (2005). Static Analysis of Authentication. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds) Foundations of Security Analysis and Design III. FOSAD 2004/2005. Lecture Notes in Computer Science, vol 3655. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11554578_4
DOI: https://doi.org/10.1007/11554578_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28955-5
Online ISBN: 978-3-540-31936-8
eBook Packages: Computer Science, Computer Science (R0)