ACM Transactions on Computer Systems (TOCS)
Timestamps in key distribution protocols
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
A critique of the Burrows, Abadi and Needham logic
ACM SIGOPS Operating Systems Review
A Logical Language for Specifying Cryptographic Protocol Requirements
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Prudent Engineering Practice for Cryptographic Protocols
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Hi-index | 0.00 |
One of the greatest obstacles to wide-spread deployment of wireless mobile systems is security. Cryptographically strong protocols and algorithms are required to enable secure communication over links that are easy to monitor and control by an attacker. While good cryptographic algorithms exist, it is difficult to design protocols that are immune to malicious attack. Good analysis techniques are lacking. This paper presents extensions to a technique for specifying and analyzing nonmonotonic cryptographic protocols that use asymmetric keys. We introduce new actions and inference rules, as well as slight modifications to the Update function. An important observation is that reasoning about the origin of messages is quite different when dealing with asymmetric key protocols. We also introduce the notion that keys in certificates should be bound to the principals receiving them. We extend the technique to meet the binding requirements and show how the flaw in the Denning and Sacco public key protocol, which was discovered by Abadi and Needham, is revealed. We demonstrate the extended technique using one protocol of our own and the Needham and Schroeder public key protocol. We also introduce and analyze a fix to a known weakness in Needham and Schroeder's protocol using our extended technique. Finally, we present several applications of these techniques to protocols for mobile computing over wireless networks.