Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security and Trust Management

STM 2018: Security and Trust Management pp 20–36Cite as

Modular Verification of Sequential Composition for Private Channels in Maude-NPA

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11091))

Abstract

This paper gives a modular verification methodology in which, given parametric specifications of a key establishment protocol P and a protocol Q providing private channel communication, security and authenticity properties of their sequential composition \(P\; ;\; Q\) can be reduced to: (i) verification of corresponding properties for P, and (ii) verification of corresponding properties for an abstract version \(Q^\alpha \) of Q in which keys have been suitably abstracted. Our results improve upon previous work in this area in several ways. First of all, we both support a large class of equational theories and provide tool support via the Maude-NPA cryptographic protocol analysis tool. Secondly as long as certain conditions on P and Q guaranteeing the secrecy of keys inherited by Q from P are satisfied, our results apply to the composition of any two reachability properties of the two protocols.

Partially supported by the EU (FEDER) and the Spanish MINECO under grant TIN 2015-69175-C4-1-R, by the Generalitat Valenciana under grant PROMETEOII/2015/013, by the US Air Force Office of Scientific Research under award number FA9550-17-1-0286, and by NRL under contract number N00173-17-1-G002.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    Available at http://personales.upv.es/sanesro/Maude-NPA-channel/.

References

  1. Andova, S., Cremers, C.J.F., Gjøsteen, K., Mauw, S., Mjølsnes, S.F., Radomirovic, S.: A framework for compositional verification of security protocols. Inf. Comput. 206(2–4), 425–459 (2008)

    Article  MathSciNet  Google Scholar 

  2. Arapinis, M., Cheval, V., Delaune, S.: Composing security protocols: from confidentiality to privacy. In: Focardi, R., Myers, A. (eds.) POST 2015. LNCS, vol. 9036, pp. 324–343. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46666-7_17

    Chapter  Google Scholar 

  3. Cheval, V., Cortier, V., le Morvan, E.: Secure refinements of communication channels. In: 35th IARCS Annual Conference on Foundation of Software Technology and Theoretical Computer Science, FSTTCS 2015, India (2015)

    Google Scholar 

  4. Cheval, V., Cortier, V., Warinschi, B.: Secure composition of PKIs with public key protocols. In: CSF 2017. Santa Barbara, USA, pp. 144–158 (2017)

    Google Scholar 

  5. Chevalier, C., Delaune, S., Kremer, S., Ryan, M.D.: Composition of password-based protocols. Form. Methods Syst. Des. 43(3), 369–413 (2013)

    Article  Google Scholar 

  6. Ciobâcă, Ş., Cortier, V.: Protocol composition for arbitrary primitives. In: CSF 2010, Edinburgh, United Kingdom, pp. 322–336 (2010)

    Google Scholar 

  7. Cortier, V., Delaune, S.: Safely composing security protocols. Form. Methods Syst. Des. 34(1), 1–36 (2009)

    Article  Google Scholar 

  8. Cremers, C.: Key exchange in IPsec revisited: formal analysis of IKEv1 and IKEv2. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 315–334. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23822-2_18

    Chapter  Google Scholar 

  9. Escobar, S., Meadows, C., Meseguer, J., Santiago, S.: A rewriting-based forwards semantics for Maude-NPA. In: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, HotSoS 2014. ACM (2014)

    Google Scholar 

  10. Fabrega, F.J.T., Herzog, J., Guttman, J.: Strand spaces: what makes a security protocol correct? J. Comput. Secur. 7, 191–230 (1999)

    Article  Google Scholar 

  11. Groß, T., Mödersheim, S.: Vertical protocol composition. In: CSF 2011. Cernay-la-Ville, France, pp. 235–250 (2011)

    Google Scholar 

  12. Guttman, J.D., Thayer, F.J.: Protocol independence through disjoint encryption. In: CSFW, pp. 24–34 (2000)

    Google Scholar 

  13. Hess, A.V., Mödersheim, S.A., Brucker, A.D.: Stateful protocol composition. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11098, pp. 427–446. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99073-6_21

    Chapter  Google Scholar 

  14. Mödersheim, S., Viganò, L.: Sufficient conditions for vertical composition of security protocols. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2014, pp. 435–446. ACM (2014)

    Google Scholar 

  15. Santiago, S., Escobar, S., Meadows, C.A., Meseguer, J.: Effective sequential protocol composition in Maude-NPA. CoRR abs/1603.00087 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Illinois at Urbana-Champaign, Champaign, IL, USA

    Fan Yang & José Meseguer

  2. Universitat Politècnica de València, Valencia, Spain

    Santiago Escobar

  3. Naval Research Laboratory, Washington, DC, USA

    Catherine Meadows

Authors
  1. Fan Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Santiago Escobar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Catherine Meadows
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. José Meseguer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Fan Yang or Catherine Meadows .

Editor information

Editors and Affiliations

  1. Open University of Cyprus, Latsia, Cyprus

    Sokratis K. Katsikas

  2. University of Malaga, Malaga, Spain

    Cristina Alcaraz

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yang, F., Escobar, S., Meadows, C., Meseguer, J. (2018). Modular Verification of Sequential Composition for Private Channels in Maude-NPA. In: Katsikas, S., Alcaraz, C. (eds) Security and Trust Management. STM 2018. Lecture Notes in Computer Science(), vol 11091. Springer, Cham. https://doi.org/10.1007/978-3-030-01141-3_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-01141-3_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-01140-6

  • Online ISBN: 978-3-030-01141-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation