Skip to main content
SpringerLink
Log in

Typing One-to-One and One-to-Many Correspondences in Security Protocols

  • Conference paper
  • First Online:
Book cover Software Security — Theories and Systems (ISSS 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2609))

Included in the following conference series:

Abstract

Both one-to-one and one-to-many correspondences between events, sometimes known as injective and non-injective agreements, respectively, are widely used to specify correctness properties of cryptographic protocols. In earlier work, we showed how to typecheck one-to-one correspondences for protocols expressed in the spi-calculus. We present a new type and e.ect system able to verify both one-to-one and one-to-many correspondences.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. M. Abadi and B. Blanchet. Secrecy types for asymmetric communication. In Foundations of Software Science and Computation Structures, volume 2030 of Lecture Notes in Computer Science, pages 25–41. Springer, 2001.

    Chapter  Google Scholar 

  2. M. Abadi. Secrecy by typing in security protocols. Journal of the ACM, 46(5):749–786, September 1999.

    Article  MATH  MathSciNet  Google Scholar 

  3. M. Abadi, C. Fournet, and G. Gonthier. Secure communications implementation of channel abstractions. In 13th IEEE Symposium on Logic in Computer Science (LICS’98), pages 105–116, 1998.

    Google Scholar 

  4. M. Abadi, C. Fournet, and G. Gonthier. Authentication primitives and their compilation. In 27th ACM Symposium on Principles of Programming Languages (POPL’00), pages 302–315, 2000.

    Google Scholar 

  5. M. Abadi and A.D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148:1–70, 1999.

    Article  MATH  MathSciNet  Google Scholar 

  6. R. Anderson and R. Needham. Programming Satan’s computer. In J. van Leeuwen, editor, Computer Science Today: Recent Trends and Developments, volume 1000 of Lecture Notes in Computer Science, pages 426–440. Springer, 1995.

    Google Scholar 

  7. M. Burrows, M. Abadi, and R.M. Needham. A logic of authentication. Proceedings of the Royal Society of London A, 426:233–271, 1989.

    Google Scholar 

  8. F. Butler, I. Cervesato, A.D. Jaggard, and A. Scedrov. A formal analysis of some properties of Kerberos 5 using MSR. In 15th IEEE Computer Security Foundations Workshop, pages 175–190. IEEE Computer Society Press, 2002.

    Google Scholar 

  9. B. Blanchet. From secrecy to authenticity in security protocols. In 9th International Static Analysis Symposium (SAS’02), volume 2477 of Lecture Notes in Computer Science, pages 242–259. Springer, 2002.

    Google Scholar 

  10. I. Cervesato. Typed MSR: Syntax and examples. In First International Workshop on Mathematical Methods, Models and Architectures for Computer Network Security, volume 2052 of Lecture Notes in Computer Science, pages 159–177. Springer, 2001.

    Google Scholar 

  11. D. Duggan. Cryptographic types. In 15th IEEE Computer Security Foundations Workshop, pages 238–252. IEEE Computer Society Press, 2002.

    Google Scholar 

  12. D. Dolev and A.C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198–208, 1983.

    Article  MathSciNet  Google Scholar 

  13. J. Engelfriet. A multiset semantics for the pi-calculus with replication. Theoretical Computer Science, 153:65–94, 1996.

    Article  MATH  MathSciNet  Google Scholar 

  14. R. Focardi and R. Gorrieri. A classi.cation of security properties for process algebra. Journal of Computer Security, 3(1):5–33, 1994.

    Google Scholar 

  15. R. Focardi, R. Gorrieri, and F. Martinelli. Message authentication through non-interference. In International Conference on Algebraic Methodology And Software Technology (AMAST2000), volume 1816 of Lecture Notes in Computer Science, pages 258–272. Springer, 2000.

    Google Scholar 

  16. A.D. Gordon and A. Jeffrey. Authenticity by typing for security protocols. In 14th IEEE Computer Security Foundations Workshop, pages 145–159. IEEE Computer Society Press, 2001.

    Google Scholar 

  17. A.D. Gordon and A. Jeffrey. Typing correspondence assertions for communication protocols. In Mathematical Foundations of Programming Semantics 17, volume 45 of Electronic Notes in Theoretical Computer Science. Elsevier, 2001.

    Google Scholar 

  18. A.D. Gordon and A. Jeffrey. Types and e.ects for asymmetric cryptographic protocols. In 15th IEEE Computer Security Foundations Workshop, pages 77–91. IEEE Computer Society Press, 2002.

    Google Scholar 

  19. D.K. Gifford and J.M. Lucassen. Integrating functional and imperative programming. In ACM Conference on Lisp and Functional Programming, pages 28–38, 1986.

    Google Scholar 

  20. D. Gollmann. Authentication by correspondence. IEEE Journal on Selected Areas in Communication, 2002. To appear.

    Google Scholar 

  21. A.D. Gordon and R. Pucella. Validating a web service security abstraction by typing. In ACM Workshop on XML Security, 2002. To appear.

    Google Scholar 

  22. J.D. Guttman and F.J. Thayer. Authentication tests and the structure of bundles. Theoretical Computer Science, 283(2):333–380, 2002.

    Article  MATH  MathSciNet  Google Scholar 

  23. B.A. LaMacchia, S. Lange, M. Lyons, R. Martin, and K.T. Price..NET Framework Security. Addison Wesley Professional, 2002.

    Google Scholar 

  24. G. Lowe. A hierarchy of authentication speci.cations. In 10th IEEE Computer Security Foundations Workshop, pages 31–43. IEEE Computer Society Press, 1997.

    Google Scholar 

  25. T. Lindholm and F. Yellin. The Java Virtual Machine Speci.cation. Addison-Wesley, 1997.

    Google Scholar 

  26. C. Meadows. The NRL Protocol Analyzer: An overview. Journal of Logic Programming, 26(2):113–131, 1996.

    Article  MATH  Google Scholar 

  27. L.C. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85–128, 1998.

    Google Scholar 

  28. B. Pierce and E. Sumii. Relating cryptography and polymorphism. Available from the authors, 2000.

    Google Scholar 

  29. A.W. Roscoe. Intensional speci.cations of security protocols. In 8th IEEE Computer Security Foundations Workshop, pages 28–38. IEEE Computer Society Press, 1996.

    Google Scholar 

  30. S.A. Schneider. Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering, 24(9):741–758, 1998.

    Article  Google Scholar 

  31. A. Sabelfeld and A.C. Myers. Language-based information-flow security.IEEE Journal on Selected Areas in Communication, 2002. To appear.

    Google Scholar 

  32. T.Y.C. Woo and S.S. Lam. A semantic model for authentication protocols. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 178–194, 1993.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Microsoft Research, USA

    Andrew D. Gordon

  2. DePaul University, USA

    Alan Jefrey

Authors
  1. Andrew D. Gordon
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alan Jefrey
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Keio University, 2-15-45 Mita, Minatoku, 108-8345, Tokyo, Japan

    Mitsuhiro Okada

  2. University of Pennsylvania, 200 South 33rd St., 19104, Philadelphia, PA, USA

    Benjamin C. Pierce

  3. University of Pennsylvania, 209 South 33rd St., 19104-6395, Philadelphia, PA, USA

    Andre Scedrov

  4. Keio University, 5322 Endoh, 252-8520, Fujisawa, Japan

    Hideyuki Tokuda

  5. University of Tokyo, 7-3-1 Hongo, Bunkyo-ku, 113, Tokyo, Japan

    Akinori Yonezawa

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gordon, A.D., Jefrey, A. (2003). Typing One-to-One and One-to-Many Correspondences in Security Protocols. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_17

Download citation

  • DOI: https://doi.org/10.1007/3-540-36532-X_17

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00708-1

  • Online ISBN: 978-3-540-36532-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation