Proceedings ArticleDOI
Verifying authentication protocols with CSP
Steve Schneider
- pp 3-17
Reads0
Chats0
TLDR
A specific theory appropriate to the analysis of authentication protocols is developed, built on top of the general CSP semantic framework, to combine the ability to express protocols in a natural and precise way with the facility to reason formally about the properties they exhibit.Abstract:
The paper presents a general approach for analysis and verification of authentication properties in the language of communicating sequential processes (CSP). It is illustrated by an examination of the Needham-Schroeder public key protocol (R. Needham and M. Schroeder, 1978). The contribution of the article is to develop a specific theory appropriate to the analysis of authentication protocols, built on top of the general CSP semantic framework. This approach aims to combine the ability to express such protocols in a natural and precise way with the facility to reason formally about the properties they exhibit.read more
Citations
More filters
Journal ArticleDOI
The inductive approach to verifying cryptographic protocols
TL;DR: Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions, which are based on ordinary predicate calculus and copes with infinite-state systems.
Journal ArticleDOI
Strand spaces: proving security protocols correct
TL;DR: The approach is distinguished from other work by the simplicity of the model, the precision of the results it produces, and the ease of developing intelligible and reliable proofs even without automated support.
Proceedings ArticleDOI
Strand spaces: why is a security protocol correct?
TL;DR: This paper applies the strand space formalism to prove the correctness of the Needham-Schroeder-Lowe protocol and proves a generally useful lemma, as a sample result giving a general bound on the abilities of the penetrator in any protocol.
Proceedings ArticleDOI
Protocol insecurity with finite number of sessions is NP-complete
TL;DR: It is shown that this problem is NP-complete in a Dolev-Yao model of intruders, and it is proved that in order to build an attack with a fixed number of sessions the intruder needs only to forge messages of polynomial size.
Journal ArticleDOI
Protocol Composition Logic (PCL)
TL;DR: PCL supports compositional reasoning about complex security protocols and has been applied to a number of industry standards including SSL/TLS, IEEE 802.11i and Kerberos V5.
References
More filters
Journal ArticleDOI
Communicating sequential processes
TL;DR: It is suggested that input and output are basic primitives of programming and that parallel composition of communicating sequential processes is a fundamental program structuring method.
Journal ArticleDOI
On the security of public key protocols
Danny Dolev,Andrew Chi-Chih Yao +1 more
TL;DR: Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
Journal ArticleDOI
A calculus of mobile processes, II
TL;DR: The a-calculus is presented, a calculus of communicating systems in which one can naturally express processes which have changing structure, including the algebraic theory of strong bisimilarity and strong equivalence, including a new notion of equivalence indexed by distinctions.
Journal ArticleDOI
Using encryption for authentication in large networks of computers
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.