A Proof Theoretic Analysis of Security Protocols
Authors
Abstract
In this paper we define a sequent calculus to formally specify and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutability of proof rules, we are able to find efficient proof strategies that we prove complete for special classes of security protocols including Needham-Schroeder. Based on the results of this preliminary analysis, we have implemented a Prolog meta-interpreter for checking safety properties of security protocols, and we have applied it successfully to find error traces or to prove correctness of practical examples. The specification of a protocol is done in Prolog, and does not require knowledge of the underlying proof system.
Similar resources
Unconditional and Composable Security Using a Single Stateful Tamper-Proof Hardware Token
Cryptographic assumptions regarding tamper proof hardware tokens have gained increasing attention. Even if the tamper-proof hardware is issued by one of the parties, and hence not necessarily trusted by the other, many tasks become possible: Tamper proof hardware is sufficient for universally composable protocols, for information-theoretically secure protocols, and even allow to create software...
On the design and security of a lattice-based threshold secret sharing scheme
In this paper, we introduce a method of threshold secret sharing scheme (TSSS) in which secret reconstruction is based on Babai's nearest plane algorithm. In order to supply secure public channels for transmitting shares to parties, we need to ensure that there are no quantum threats to these channels. A solution to this problem can be utilization of lattice-based cryptosystems for these channe...
Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols
In this paper we define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the anal...
Threshold Homomorphic Encryption in the Universally Composable Cryptographic Library
Protocol security analysis has become an active research topic in recent years. Researchers have been trying to build sufficient theories for building automated tools, which give security proofs for cryptographic protocols. There are two approaches for analysing protocols: formal and computational. The former, often called Dolev-Yao style, uses abstract terms to model cryptographic messages wit...
Superselection rules and quantum protocols
We show that superselection rules do not enhance the information-theoretic security of quantum cryptographic protocols. Our analysis employs two quite different methods. The first method uses the concept of a reference system—in a world subject to a superselection rule, unrestricted operations can be simulated by parties who share access to a reference system with suitable properties. By this m...
Journal title:
Volume, issue
Pages -
Publication date: 2008