Extending NCP for protocols using public keys

Quantified Score

Visualization

Abstract

One of the greatest obstacles to wide-spread deployment of wireless mobile systems is security. Cryptographically strong protocols and algorithms are required to enable secure communication over links that are easy to monitor and control by an attacker. While good cryptographic algorithms exist, it is difficult to design protocols that are immune to malicious attack. Good analysis techniques are lacking. This paper presents extensions to a technique for specifying and analyzing nonmonotonic cryptographic protocols that use asymmetric keys. We introduce new actions and inference rules, as well as slight modifications to the Update function. An important observation is that reasoning about the origin of messages is quite different when dealing with asymmetric key protocols. We also introduce the notion that keys in certificates should be bound to the principals receiving them. We extend the technique to meet the binding requirements and show how the flaw in the Denning and Sacco public key protocol, which was discovered by Abadi and Needham, is revealed. We demonstrate the extended technique using one protocol of our own and the Needham and Schroeder public key protocol. We also introduce and analyze a fix to a known weakness in Needham and Schroeder's protocol using our extended technique. Finally, we present several applications of these techniques to protocols for mobile computing over wireless networks.