Skip to main content
SpringerLink
Log in

Validating Integrity for the Ephemerizer’s Protocol with CL-Atse

  • Chapter
Book cover Formal to Practical Security

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5458))

Abstract

It is usually very difficult in Computer Science to make an information “disappear” after a certain time, once it has been published or mirrored by servers world wide. This, however, is the goal of the IBM ephemerizer’s protocol by Radia Perlman. We present in this paper the general structure of the CL-Atse protocol analysis tool from the AVISPA’s tool-suite, and symbolic analysis of the ephemerizer’s protocol and its extensions using CL-Atse. This protocol allows transmitting a data which retrieval is guarantied to be impossible after a certain time. We show that this protocol is secure for this property plus the secrecy of the data, but is trivially non secure for its integrity. We model a standard integrity check as a first extension to this protocol, which is natural and close to common usage, and we present a second extension for integrity that is much less obvious and deeply integrated in the structure of the ephemerizer’s protocol. Then, we show that while the first extension guaranty the basic integrity property under certain conditions, the second one is much stronger and allows faster computations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Amadio, R., Lugiez, D., Vanackère, V.: On the symbolic reduction of processes with cryptographic functions. Theor. Comput. Sci. 290(1), 695–740 (2003)

    Article  MATH  Google Scholar 

  2. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Heám, P.C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA Team. The Avispa Tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  3. Armando, A., Compagna, L.: An Optimized Intruder Model for SAT-based Model-Checking of Security Protocols. In: Proceedings of the Workshop on Automated Reasoning for Security Protocol Analysis (ARSPA 2004). ENTCS, vol. 125(1), pp. 91–108 (2005)

    Google Scholar 

  4. Arora, C.: The Ephemerizer’s specification files in HLPSL, http://www.loria.fr/~turuani/Ephemerizer_models.zip

  5. Baader, F., Schulz, K.U.: Unification in the Union of Disjoint Equational Theories: Combining Decision Procedures. Journal of Symbolic Computing 21(2), 211–243 (1996)

    Article  MATH  Google Scholar 

  6. Basin, D., Mödersheim, S., Viganò, L.: OFMC: A symbolic model checker for security protocols. International Journal of Information Security 4(3), 181–208 (2005)

    Article  Google Scholar 

  7. Boichut, Y., Héam, P.-C., Kouchnarenko, O.: Automatic Verification of Security Protocols Using Approximations. INRIA Research Report RR-5727 (October 2005), http://www.inria.fr/rrrt/rr-5727.html

  8. Blanchet, B.: An Ecient Cryptographic Protocol Verier Based on Prolog Rules. In: Proceedings of 14th IEEE Computer Security Foundations Workshop (CSFW). IEEE Computer Society, Los Alamitos (2001)

    Google Scholar 

  9. Boreale, M.: Symbolic trace analysis of cryptographic protocols. In: Orejas, F., Spirakis, P.G., van Leeuwen, J. (eds.) ICALP 2001. LNCS, vol. 2076, pp. 667–681. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  10. Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An NP decision procedure for protocol insecurity with xor. In: Proceedings of LICS 2003 (2003)

    Google Scholar 

  11. Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents. In: Pandya, P.K., Radhakrishnan, J. (eds.) FSTTCS 2003. LNCS, vol. 2914, pp. 124–135. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  12. Chevalier, Y., Vigneron, L.: A Tool for Lazy Verification of Security Protocols. In: Proceedings of the Automated Software Engineering Conference (ASE 2001), IEEE CSP, Los Alamitos (2001)

    Google Scholar 

  13. Clark, J., Jacob, J.: A Survey of Authentication Protocol Literature: Version 1.0, November 17 (1997), www.cs.york.ac.uk/~jac/papers/drareview.ps.gz

  14. Corin, R., Etalle, S.: An improved constraint-based system for the verification of security protocols. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 326–341. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  15. Cremers, C.J.F.: Unbounded verification, falsification, and characterization of security protocols by pattern refinement. In: Proceedings of the 15th ACM conference on Computer and Communications Security. ACM, New York (2008)

    Google Scholar 

  16. Cremers, C., Lafourcade, P.: Comparing State Spaces in Automatic Protocol Verification. In: Proceedings of the Seventh International Workshop on Automated Verification of Critical Systems (AVoCS 2007), Elsevier Science Direct, Amsterdam (2007)

    Google Scholar 

  17. Dolev, D., Yao, A.C.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)

    Article  MATH  Google Scholar 

  18. Meadows, C.: Open issues in formal methods for cryptographic protocol analysis. In: Proceedings of DISCEX 2000, pp. 237–250. IEEE Computer Society Press, Los Alamitos (2000)

    Google Scholar 

  19. Millen, J., Shmatikov, V.: Symbolic protocol analysis with products and Diffie-Hellman exponentiation. In: Proceedings of the 16th IEEE Computer Security Foundations Workshop (CSFW 2003), pp. 47–61 (2003)

    Google Scholar 

  20. Perlman, R.: The Ephemerizer: Making Data Disappear. Technical report, Sun Labs (2005), http://www.research.sun.com/techrep/2005/smll-tr02005-140.pdf

  21. Rusinowitch, M., Turuani, M.: Protocol Insecurity with Finite Number of Sessions is NP-complete. In: 14th IEEE Computer Security Foundations Workshop (CSFW-14), pp. 174–190 (2001)

    Google Scholar 

  22. Turuani, M.: The CL-Atse Protocol Analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Indian Institute of Technology, Delhi, India

    Charu Arora

  2. Loria-INRIA, Vandoeuvre-lès-Nancy, France

    Mathieu Turuani

Authors
  1. Charu Arora
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mathieu Turuani
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. LORIA, Équipe Cassis, Bât. A, Campus Scientifique, BP 239, 54506, Vandoeuvre-lès-Nancy Cedex, France

    Véronique Cortier

  2. Centre de Recherche, INRIA Bordeaux – Sud-Ouest, Bât. A29, 351 Cours de la Libération, 33405, Talence, France

    Claude Kirchner

  3. Department of Philosophy, Keio University, 2-15-45 Mita, Minato-ku, 108-8345, Tokyo, Japan

    Mitsuhiro Okada

  4. 3-1 Morinosato Wakamiya Atsugi-shi, 243-0198, Kanagawa, Japan

    Hideki Sakurada

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Arora, C., Turuani, M. (2009). Validating Integrity for the Ephemerizer’s Protocol with CL-Atse. In: Cortier, V., Kirchner, C., Okada, M., Sakurada, H. (eds) Formal to Practical Security. Lecture Notes in Computer Science, vol 5458. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02002-5_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-02002-5_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-02001-8

  • Online ISBN: 978-3-642-02002-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation