Specifying authentication using signal events in CSP

Authors:
Siraj A. Shaikh;Vicky J. Bush;Steve A. Schneider
Affiliations:
Department of Computing, UGBS, University of Gloucestershire, Cheltenham Spa, UK;Department of Computing, UGBS, University of Gloucestershire, Cheltenham Spa, UK;Department of Computing, SEPS, University of Surrey, Guildford, Surrey, UK
Venue:
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Year:
2005

Citing 13
Cited 1

Communicating sequential processes

Communicating sequential processes
An attack on the Needham-Schroeder public-key authentication protocol

Information Processing Letters
Verifying Authentication Protocols in CSP

IEEE Transactions on Software Engineering
Using encryption for authentication in large networks of computers

Communications of the ACM
The Theory and Practice of Concurrency

The Theory and Practice of Concurrency
Concurrent and Real Time Systems: The CSP Approach

Concurrent and Real Time Systems: The CSP Approach
A Hierarchy of Authentication Specifications

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Semantic Model for Authentication Protocols

SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
The modelling and analysis of security protocols: the csp approach

The modelling and analysis of security protocols: the csp approach
What makes a cryptographic protocol secure? the evolution of requirements specification in formal cryptographic protocol analysis

ESOP'03 Proceedings of the 12th European conference on Programming
What do we mean by entity authentication?

SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Security properties and CSP

SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Authentication by correspondence

IEEE Journal on Selected Areas in Communications

Verifying Multi-party Authentication Using Rank Functions and PVS

Formal Aspects in Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

The formal analysis of cryptographic protocols has firmly developed into a comprehensive body of knowledge, building on a wide variety of formalisms and treating a diverse range of security properties, foremost of which is authentication. The formal specification of authentication has long been a subject of examination. In this paper, we discuss the use of correspondence to formally specify authentication and focus on Schneider’s use of signal events in CSP to specify authentication. The purpose of this effort is to strengthen this formalism further. We develop a formal structure for these events and use them to specify a general authentication property. We then develop specifications for recentness and injectivity as sub-properties, and use them to refine authentication further. Our work is motivated by the desire to effectively analyse and express security properties in formal terms, so as to make them precise and clear.