Abstract
Several approaches have been developed for analyzing security protocols. These include specialized logics that formalize notions such as secrecy and belief, special-purpose automated tools for cryptographic protocol analysis, and methods that apply general theoremproving or model-checking tools to security protocols. This short document, written to accompany the author's invited lecture, provide background information and references on finite-state methods that use standard model-checking tools.
Chapter PDF
Keywords
- Security Protocol
- Cryptographic Protocol
- Cryptographic Primitive
- Malicious Adversary
- Probabilistic Encryption
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
M. Burrows, M. Abadi, and R. Needham. A logic of authentication. Proceedings of the Royal Society, Series A, 426 (1871):233–271, 1989. Also appeared as SRC Research Report 39 and, in a shortened form, in ACM Transactions on Computer Systems 8, 1 (February 1990), 18–36.
D. L. Dill, A. J. Drexler, A. J. Hu, and C. H. Yang. Protocol verification as a hardware design aid. In IEEE International Conference on Computer Design: VLSI in Computers and Processors, pages 522–5, 1992.
D. Dolev, C. Dwork, and M. Naor. Non-malleable cryptography (extended abstract). In Proc. 23rd Annual ACM Symposium on the Theory of Computing, pages 542–552, 1991.
D. Dolev and A. Yao. On the security of public-key protocols. In Proc. 22nd Annual IEEE Symp. Foundations of Computer Science, pages 350–357, 1981.
A. Freier, P. Karlton, and P. Kocher. The SSL protocol version 3.0. draft-ietf-tls-ssl-version3-00. txt, November 18 1996.
S. Goldwasser and S. Micali. Probabilistic encryption. J. Computer and System Sciences, 28:281–308, 1984.
R. Kemmerer, C. Meadows, and J. Millen. Three systems for cryptographic protocol analysis. J. Cryptology, 7(2):79–130, 1994.
J.T. Kohl and B.C. Neuman. The Kerberos network authentication service (version 5). Internet Request For Comment RFC-1510, September 1993.
J.T. Kohl, B.C. Neuman, and T.Y. Ts'o. The evolution of the Kerberos authentication service, pages 78–94. IEEE Computer Society Press, 1994.
G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using CSP and FDR. In 2nd International Workshop on Tools and Algorithms for the Construction and Analysis of Systems. Springer-Verlag, 1996.
M. Luby. Pseudorandomness and Cryptographic Applications. Princeton Computer Science Notes, Princeton University Press, 1996.
C. Meadows. Analyzing the Needham-Schroeder public-key protocol: a comparison of two approaches. In Proc. European Symposium On Research In Computer Security. Springer Verlag, 1996.
J.C. Mitchell, M. Mitchell, and U. Stern. Automated analysis of cryptographic protocols using Murϕ. In Proc. IEEE Symp. Security and Privacy, pages 141–151, 1997.
J.C. Mitchell, V. Shmatikov, and U. Stern. Finite-state analysis of SSL 3.0. In Proc. Seventh USENIX Security Symposium, pages 201–216, 1998. Preliminary version presented at DIMACS Workshop on Design and Formal Verification of Security Protocols, September 1997; distributed on workshop CD.
A.J. Menzes, P.C. van Oorschot, and S.A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1997.
L.C. Paulson. Proving properties of security protocols by induction. In 10th IEEE Computer Security Foundations Workshop, pages 70–83, 1997.
A. W. Roscoe. Modelling and verifying key-exchange protocols using CSP and FDR. In CSFW VIII, page 98. IEEE Computer Soc Press, 1995.
S. Schneider. Security properties and CSP, In IEEE Symp. Security and Privacy, 1996.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mitchell, J.C. (1998). Finite-state analysis of security protocols. In: Hu, A.J., Vardi, M.Y. (eds) Computer Aided Verification. CAV 1998. Lecture Notes in Computer Science, vol 1427. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0028734
Download citation
DOI: https://doi.org/10.1007/BFb0028734
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64608-2
Online ISBN: 978-3-540-69339-0
eBook Packages: Springer Book Archive