Article

An intruder model for verifying liveness in security protocols

Authors:

Jan Cederquist,

Mohammad Torabi DashtiAuthors Info & Claims

FMSE '06: Proceedings of the fourth ACM workshop on Formal methods in security

Pages 23 - 32

https://doi.org/10.1145/1180337.1180340

Published: 03 November 2006 Publication History

Abstract

We present a process algebraic intruder model for verifying a class of liveness properties of security protocols. For this class, the proposed intruder model is proved to be equivalent to a Dolev-Yao intruder that does not delay indefinitely the delivery of messages. In order to prove the equivalence, we formalize the resilient communication channels assumption. As an application of the proposed intruder model, formal verification of fair exchange protocols is discussed.

References

[1]

M. Abadi and B. Blanchet. Computer-assisted verification of a protocol for certified email. In SAS '03, volume 2694 of LNCS, pages 316--335, 2003.]]

[2]

M. Abadi and R. Needham. Prudent engineering practice for cryptographic protocols. IEEE Trans. Software Eng., 22(1):6--15, 1996.]]

Digital Library

[3]

B. Alpern and F. Schneider. Defining liveness. Technical Report TR 85-650, Dept. of Computer Science, Cornell University, October 1984.]]

Digital Library

[4]

N. Asokan. Fairness in electronic commerce. PhD thesis, Univ. Waterloo, 1998.]]

Digital Library

[5]

N. Asokan and P. Ginzboorg. Key agreement in ad hoc networks. Computer Communications, 23(17):1627--1637, 2000.]]

Digital Library

[6]

N. Asokan, V. Shoup, and M. Waidner. Asynchronous protocols for optimistic fair exchange. In IEEE Symp. on Security and Privacy. IEEE CS, 1998.]]

[7]

N. Asokan, V. Shoup, and M. Waidner. Optimistic fair exchange of digital signatures. IEEE J. Selected Areas in Communications, 18(4):593--610, 2000.]]

Digital Library

[8]

A. Basu, B. Charron-Bost, and S. Toueg. Simulating reliable links with unreliable links in the presence of process crashes. In WDAG '96, volume 1151 of LNCS, pages 105--122. Springer, 1996.]]

Digital Library

[9]

G. Bella and L. C. Paulson. Mechanical proofs about a non-repudiation protocol. In TPHOL'01, volume 2152 of LNCS, pages 91--104. Springer, 2001.]]

Digital Library

[10]

J. Bergstra and J. Klop. Algebra of communicating processes with abstraction. Theor. Comput. Sci., 37:77--121, 1985.]]

[11]

J. Cederquist, R. Corin, and M. Torabi Dashti. On the quest for impartiality: Design and analysis of a fair non-repudiation protocol. In ICICS'05, volume 3783 of LNCS, pages 27--39. Springer, 2005.]]

Digital Library

[12]

J. Cederquist and M. Dashti. Formal analysis of a fair payment protocol. In Formal Aspect of Security and Trust, volume 173 of IFIP, pages 41--54. Springer, 2004.]]

[13]

I. Cervesato. The Dolev-Yao intruder is the most powerful attacker. In LICS'01. IEEE Computer Society Press, 16--19 June 2001.]]

Digital Library

[14]

Y. Chevalier and L. Vigneron. Automated unbounded verification of security protocols. In CAV '02, volume 2404 of LNCS, pages 324--337. Springer, 2002.]]

Digital Library

[15]

H. Comon and V. Shmatikov. Is it possible to decide whether a cryptographic protocol is secure or not? J. of Telecommunications and Information Technology, 4:3--13, 2002.]]

[16]

D. Dolev and A. Yao. On the security of public key protocols. IEEE Trans. on Information Theory, IT-29(2):198--208, 1983.]]

Digital Library

[17]

E. Emerson. Temporal and modal logic. In J. van Leeuwen, editor, Handbook of theoretical computer science (vol. B): formal models and semantics, pages 995--1072. MIT Press, 1990.]]

Digital Library

[18]

E. Emerson and C-L. Lei. Temporal reasoning under generalized fairness constraints. In STACS '86, pages 21--36. Springer-Verlag, 1985.]]

Digital Library

[19]

R. Engelschall. URL rewriting engine. Apache HTTP Server Version 1.3.]]

[20]

M. Fischer, N. Lynch, and M. Paterson. Impossibility of distributed consensus with one faulty process. J. ACM, 32(2):374--382, 1985.]]

Digital Library

[21]

N. Francez. Fairness. Springer, 1986.]]

Digital Library

[22]

J. F. Groote and A. Ponse. The syntax and semantics of μ. In Algebra of Communicating Processes, Workshops in Computing Series, pages 26--62. Springer, 1995.]]

[23]

S. Gürgens, C. Rudolph, and H. Vogt. On the security of fair non-repudiation protocols. In ISC '03, volume 2851 of LNCS, pages 193--207, 2003.]]

[24]

J. Heather, G. Lowe, and S. Schneider. How to prevent type flaw attacks on security protocols. J. Computer Security, 11(2):217--244, 2003.]]

Digital Library

[25]

C. A. R. Hoare. Communicating sequential processes. Commun. ACM, 21(8):666--677, 1978.]]

Digital Library

[26]

D. Kähler and R. Küsters. Constraint solving for contract-signing protocols. In CONCUR '05, volume 3653 of LNCS, pages 233--247. Springer, 2005.]]

Digital Library

[27]

S. Kremer, O. Markowitch, and J. Zhou. An intensive survey of non-repudiation protocols. Computer Communications, 25(17):1606--1621, November 2002.]]

Digital Library

[28]

S. Kremer and J. Raskin. A game-based verification of non-repudiation and fair exchange protocols. In CONCUR'01, volume 2154 of LNCS, pages 551--565. Springer, 2001.]]

Digital Library

[29]

R. Mateescu and M. Sighireanu. Efficient on-the-fly model-checking for regular alternation-free mu-calculus. Sci. Comput. Program., 46(3):255--281, 2003.]]

Digital Library

[30]

C. Meadows. Formal methods for cryptographic protocol analysis: Emerging issues and trends. IEEE J. Selected Areas in Communication, 21(2):44--54, 2003.]]

Digital Library

[31]

R. De Nicola and F. Vaandrager. Three logics for branching bisimulation. J. ACM, 42(2):458--487, 1995.]]

Digital Library

[32]

L. Paulson. The inductive approach to verifying cryptographic protocols. J. Computer Security, 6(1-2):85--128, 1998.]]

Digital Library

[33]

A. Pnueli. a temporal logic of concurrent programs. Theor. Comput. Sci., 13:45 -- 60, 1981.]]

[34]

V. Shmatikov and J. Mitchell. Finite-state analysis of two contract signing protocols. Theor. Comput. Sci., 283(2):419--450, 2002.]]

Digital Library

[35]

H. Vogt. Asynchronous optimistic fair exchange based on revocable items. In Financial Cryptography, volume 2742 of LNCS, pages 208--222. Springer, 2003.]]

[36]

H. Vogt, H. Pagnia, and F. Gärtner. Using smart cards for fair exchange. In WELCOM '01, volume 2232 of LNCS, pages 101--113. Springer, 2001.]]

Digital Library

[37]

J. Zhou, R. Deng, and F. Bao. Evolution of fair non-repudiation with TTP. In ACISP '99, volume 1587 of LNCS, pages 258--269. Springer, 1999.]]

Digital Library

Cited By

Backes MDreier JKremer SKunnemann R(2017)A Novel Approach for Reasoning about Liveness in Cryptographic Protocols and Its Application to Fair Exchange2017 IEEE European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP.2017.12(76-91)Online publication date: Apr-2017
https://doi.org/10.1109/EuroSP.2017.12
Desnitsky VKotenko I(2014)Expert Knowledge Based Design and Verification of Secure Systems with Embedded DevicesAdvanced Information Systems Engineering10.1007/978-3-319-10975-6_15(194-210)Online publication date: 2014
https://doi.org/10.1007/978-3-319-10975-6_15
Armando ACarbone RCompagna L(2012)LTL model checking for security protocolsJournal of Applied Non-Classical Logics10.3166/jancl.19.403-42919:4(403-429)Online publication date: 13-Apr-2012
https://doi.org/10.3166/jancl.19.403-429
Show More Cited By

Recommendations

Verifying liveness properties of multifunction composite protocols

In protocol composition techniques, component protocols are combined in various ways to obtain a complex protocol whose execution sequences consist of interleaved execution sequences of the component protocols. In this paper, we investigate the problem ...
Verifying security protocols by knowledge analysis

This paper describes a new interactive method to analyse knowledge of participants involved in security protocols and further to verify the correctness of the protocols. The method can detect attacks and flaws involving interleaving sessions besides ...
Verifying Security Protocols Modelled by Networks of Automata
Special Issue on Concurrency Specification and Programming (CS&P)

In this paper we show a novel method for modelling behaviours of security protocols using networks of communicating automata in order to verify them with SAT-based bounded model checking. These automata correspond to executions of the participants as ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

FMSE '06: Proceedings of the fourth ACM workshop on Formal methods in security

November 2006

84 pages

ISBN:1595935509

DOI:10.1145/1180337

General Chair:
Marianne Winslett
UIUC
,
Program Chairs:
Andrew D. Gordon
Microsoft Research, UK
,
David Sands
Chalmers University of Technology, Sweden

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS06

Sponsor:

CCS06: 13th ACM Conference on Computer and Communications Security 2006

November 3, 2006

Virginia, Alexandria, USA

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
413
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Backes MDreier JKremer SKunnemann R(2017)A Novel Approach for Reasoning about Liveness in Cryptographic Protocols and Its Application to Fair Exchange2017 IEEE European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP.2017.12(76-91)Online publication date: Apr-2017
https://doi.org/10.1109/EuroSP.2017.12
Desnitsky VKotenko I(2014)Expert Knowledge Based Design and Verification of Secure Systems with Embedded DevicesAdvanced Information Systems Engineering10.1007/978-3-319-10975-6_15(194-210)Online publication date: 2014
https://doi.org/10.1007/978-3-319-10975-6_15
Armando ACarbone RCompagna L(2012)LTL model checking for security protocolsJournal of Applied Non-Classical Logics10.3166/jancl.19.403-42919:4(403-429)Online publication date: 13-Apr-2012
https://doi.org/10.3166/jancl.19.403-429
Bella G(2012)Inductive study of confidentiality: for everyoneFormal Aspects of Computing10.1007/s00165-012-0246-326:1(3-36)Online publication date: 23-Jun-2012
https://doi.org/10.1007/s00165-012-0246-3
Williams Dde Ruiter JFokkink W(2012)Model checking under fairness in proB and its application to fair exchange protocolsProceedings of the 9th international conference on Theoretical Aspects of Computing10.1007/978-3-642-32943-2_14(168-182)Online publication date: 24-Sep-2012
https://dl.acm.org/doi/10.1007/978-3-642-32943-2_14
Basagiannis SKatsaros PPombortsis A(2011)Synthesis of attack actions using model checking for the verification of security protocolsSecurity and Communication Networks10.1002/sec.1194:2(147-161)Online publication date: 28-Jan-2011
https://doi.org/10.1002/sec.119
Chen MWu KXu JHe P(2010)A New Method for Formalizing Optimistic Fair Exchange ProtocolsInformation and Communications Security10.1007/978-3-642-17650-0_18(251-265)Online publication date: 2010
https://doi.org/10.1007/978-3-642-17650-0_18
Basagiannis SKatsaros PPombortsis AAlexiou N(2009)Probabilistic model checking for the quantification of DoS security threatsComputers and Security10.1016/j.cose.2009.01.00228:6(450-465)Online publication date: 1-Sep-2009
https://dl.acm.org/doi/10.1016/j.cose.2009.01.002
Dashti MNair SJonker H(2008)Nuovo DRM Paradiso: Designing a Secure, Verified, Fair Exchange DRM SchemeFundamenta Informaticae10.5555/2366366.236636989:4(393-417)Online publication date: 1-Dec-2008
https://dl.acm.org/doi/10.5555/2366366.2366369
Dashti MNair SJonker H(2008)Nuovo DRM Paradiso: Designing a Secure, Verified, Fair Exchange DRM SchemeFundamenta Informaticae10.5555/1497115.149711889:4(393-417)Online publication date: 1-Dec-2008
https://dl.acm.org/doi/10.5555/1497115.1497118
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten