Constructing and Reasoning About Security Protocols Using Invariants

Authors:
Arjan J. Mooij
Affiliations:
School of Computer Science and Information Technology, The University of Nottingham, Jubilee Campus, Wollaton Road, Nottingham NG8 1BB, United Kingdom
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2008

Citing 19
Cited 1

A logic of authentication

ACM Transactions on Computer Systems (TOCS)
Prudent Engineering Practice for Cryptographic Protocols

IEEE Transactions on Software Engineering
A calculus for cryptographic protocols

Information and Computation
On a method of multiprogramming

On a method of multiprogramming
Strand spaces: proving security protocols correct

Journal of Computer Security
The inductive approach to verifying cryptographic protocols

Journal of Computer Security
Using encryption for authentication in large networks of computers

Communications of the ACM
A Discipline of Programming

A Discipline of Programming
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Using state space exploration and a natural deduction style message derivation engine to verify security protocols

PROCOMET '98 Proceedings of the IFIP TC2/WG2.2,2.3 International Conference on Programming Concepts and Methods
An Elementary Derivation of the Alternating Bit Protocol

MPC '98 Proceedings of the Mathematics of Program Construction
A Hierarchy of Authentication Specifications

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Invariant Generation Techniques in Cryptographic Protocol Analysis

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Axiomatic proof techniques for parallel programs.

Axiomatic proof techniques for parallel programs.
A derivation system and compositional logic for security protocols

Journal of Computer Security
Streamlining progress-based derivations of concurrent programs

Formal Aspects of Computing
Incremental verification of owicki/gries proof outlines using PVS

ICFEM'05 Proceedings of the 7th international conference on Formal Methods and Software Engineering
Progress in deriving concurrent programs: emphasizing the role of stable guards

MPC'06 Proceedings of the 8th international conference on Mathematics of Program Construction
Systematic design of a family of attack-resistant authentication protocols

IEEE Journal on Selected Areas in Communications

Calculating and composing progress properties in terms of the leads-to relation

ICFEM'07 Proceedings of the formal engineering methods 9th international conference on Formal methods and software engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this work we explore the applicability of the programming method of Feijen and van Gasteren to the construction of security protocols. This method addresses the derivation of concurrent programs from a formal specification, and it is based on common notions like invariants and pre- and post-conditions. We show that fundamental security concepts like secrecy and authentication can nicely be specified in this way. Using some small extensions, the style of formal reasoning from this method can be applied to the security domain. To demonstrate our approach, we discuss an authentication protocol and a public-key distribution protocol, and we deal with their composition. Although this work does not contain any new protocols, it does offer a new view on describing, constructing and reasoning about security protocols.