Abstract
Both one-to-one and one-to-many correspondences between events, sometimes known as injective and non-injective agreements, respectively, are widely used to specify correctness properties of cryptographic protocols. In earlier work, we showed how to typecheck one-to-one correspondences for protocols expressed in the spi-calculus. We present a new type and e.ect system able to verify both one-to-one and one-to-many correspondences.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Abadi and B. Blanchet. Secrecy types for asymmetric communication. In Foundations of Software Science and Computation Structures, volume 2030 of Lecture Notes in Computer Science, pages 25–41. Springer, 2001.
M. Abadi. Secrecy by typing in security protocols. Journal of the ACM, 46(5):749–786, September 1999.
M. Abadi, C. Fournet, and G. Gonthier. Secure communications implementation of channel abstractions. In 13th IEEE Symposium on Logic in Computer Science (LICS’98), pages 105–116, 1998.
M. Abadi, C. Fournet, and G. Gonthier. Authentication primitives and their compilation. In 27th ACM Symposium on Principles of Programming Languages (POPL’00), pages 302–315, 2000.
M. Abadi and A.D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148:1–70, 1999.
R. Anderson and R. Needham. Programming Satan’s computer. In J. van Leeuwen, editor, Computer Science Today: Recent Trends and Developments, volume 1000 of Lecture Notes in Computer Science, pages 426–440. Springer, 1995.
M. Burrows, M. Abadi, and R.M. Needham. A logic of authentication. Proceedings of the Royal Society of London A, 426:233–271, 1989.
F. Butler, I. Cervesato, A.D. Jaggard, and A. Scedrov. A formal analysis of some properties of Kerberos 5 using MSR. In 15th IEEE Computer Security Foundations Workshop, pages 175–190. IEEE Computer Society Press, 2002.
B. Blanchet. From secrecy to authenticity in security protocols. In 9th International Static Analysis Symposium (SAS’02), volume 2477 of Lecture Notes in Computer Science, pages 242–259. Springer, 2002.
I. Cervesato. Typed MSR: Syntax and examples. In First International Workshop on Mathematical Methods, Models and Architectures for Computer Network Security, volume 2052 of Lecture Notes in Computer Science, pages 159–177. Springer, 2001.
D. Duggan. Cryptographic types. In 15th IEEE Computer Security Foundations Workshop, pages 238–252. IEEE Computer Society Press, 2002.
D. Dolev and A.C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198–208, 1983.
J. Engelfriet. A multiset semantics for the pi-calculus with replication. Theoretical Computer Science, 153:65–94, 1996.
R. Focardi and R. Gorrieri. A classi.cation of security properties for process algebra. Journal of Computer Security, 3(1):5–33, 1994.
R. Focardi, R. Gorrieri, and F. Martinelli. Message authentication through non-interference. In International Conference on Algebraic Methodology And Software Technology (AMAST2000), volume 1816 of Lecture Notes in Computer Science, pages 258–272. Springer, 2000.
A.D. Gordon and A. Jeffrey. Authenticity by typing for security protocols. In 14th IEEE Computer Security Foundations Workshop, pages 145–159. IEEE Computer Society Press, 2001.
A.D. Gordon and A. Jeffrey. Typing correspondence assertions for communication protocols. In Mathematical Foundations of Programming Semantics 17, volume 45 of Electronic Notes in Theoretical Computer Science. Elsevier, 2001.
A.D. Gordon and A. Jeffrey. Types and e.ects for asymmetric cryptographic protocols. In 15th IEEE Computer Security Foundations Workshop, pages 77–91. IEEE Computer Society Press, 2002.
D.K. Gifford and J.M. Lucassen. Integrating functional and imperative programming. In ACM Conference on Lisp and Functional Programming, pages 28–38, 1986.
D. Gollmann. Authentication by correspondence. IEEE Journal on Selected Areas in Communication, 2002. To appear.
A.D. Gordon and R. Pucella. Validating a web service security abstraction by typing. In ACM Workshop on XML Security, 2002. To appear.
J.D. Guttman and F.J. Thayer. Authentication tests and the structure of bundles. Theoretical Computer Science, 283(2):333–380, 2002.
B.A. LaMacchia, S. Lange, M. Lyons, R. Martin, and K.T. Price..NET Framework Security. Addison Wesley Professional, 2002.
G. Lowe. A hierarchy of authentication speci.cations. In 10th IEEE Computer Security Foundations Workshop, pages 31–43. IEEE Computer Society Press, 1997.
T. Lindholm and F. Yellin. The Java ™ Virtual Machine Speci.cation. Addison-Wesley, 1997.
C. Meadows. The NRL Protocol Analyzer: An overview. Journal of Logic Programming, 26(2):113–131, 1996.
L.C. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85–128, 1998.
B. Pierce and E. Sumii. Relating cryptography and polymorphism. Available from the authors, 2000.
A.W. Roscoe. Intensional speci.cations of security protocols. In 8th IEEE Computer Security Foundations Workshop, pages 28–38. IEEE Computer Society Press, 1996.
S.A. Schneider. Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering, 24(9):741–758, 1998.
A. Sabelfeld and A.C. Myers. Language-based information-flow security.IEEE Journal on Selected Areas in Communication, 2002. To appear.
T.Y.C. Woo and S.S. Lam. A semantic model for authentication protocols. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 178–194, 1993.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gordon, A.D., Jefrey, A. (2003). Typing One-to-One and One-to-Many Correspondences in Security Protocols. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_17
Download citation
DOI: https://doi.org/10.1007/3-540-36532-X_17
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00708-1
Online ISBN: 978-3-540-36532-7
eBook Packages: Springer Book Archive