The faithfulness of abstract protocol analysis: message authentication

Authors:
Joshua D. Guttman;F. Javier Thayer;Lenore D. Zuck
Affiliations:
The MITRE Corporation;The MITRE Corporation;New York University
Venue:
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Year:
2001

Citing 16
Cited 18

Efficient and timely mutual authentication

ACM SIGOPS Operating Systems Review
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
Optimal privacy and authentication on a portable communications system

ACM SIGOPS Operating Systems Review
Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Strand spaces: proving security protocols correct

Journal of Computer Security
Authentication tests and the structure of bundles

Theoretical Computer Science
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
The Security of Cipher Block Chaining

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Practice-Oriented Provable-Security

ISW '97 Proceedings of the First International Workshop on Information Security
A Hierarchy of Authentication Specifications

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Verifying authentication protocols with CSP

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Proving Properties of Security Protocols by Induction

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
How to Prevent Type Flaw Attacks on Security Protocols

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Looking for Diamonds in the Desert - Extending Automatic Protocol Generation to Three-Party Authentication and Key Agreement Protocols

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
The Interrogator model

SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy

Cryptographically Sound and Machine-Assisted Verification of Security Protocols

STACS '03 Proceedings of the 20th Annual Symposium on Theoretical Aspects of Computer Science
A composable cryptographic library with nested operations

Proceedings of the 10th ACM conference on Computer and communications security
Some attacks upon authenticated group key agreement protocols

Journal of Computer Security - Special issue on CSFW14
From absence of certain vulnerabilities towards security proofs: pushing the limits of formal verification

Proceedings of the 2003 workshop on New security paradigms
A comparison between strand spaces and multiset rewriting for security protocol analysis

Journal of Computer Security
Secrecy types for a simulatable cryptographic library

Proceedings of the 12th ACM conference on Computer and communications security
A computational analysis of the Needham-Schroeder-(Lowe) protocol

Journal of Computer Security
Computationally sound secrecy proofs by mechanized flow analysis

Proceedings of the 13th ACM conference on Computer and communications security
A Calculus of Global Interaction based on Session Types

Electronic Notes in Theoretical Computer Science (ENTCS)
Computational Semantics for First-Order Logical Analysis of Cryptographic Protocols

Formal to Practical Security
Soundness and completeness of formal encryption: The cases of key cycles and partial information leakage

Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Structured communication-centred programming for web services

ESOP'07 Proceedings of the 16th European conference on Programming
Computational soundness of formal indistinguishability and static equivalence

ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Application of dependency graphs to security protocol analysis

TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Justifying a dolev-yao model under active attacks

Foundations of Security Analysis and Design III
Soundness of formal encryption in the presence of key-cycles

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Cryptographically sound security proofs for basic and public-key kerberos

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Structured Communication-Centered Programming for Web Services

ACM Transactions on Programming Languages and Systems (TOPLAS)

Quantified Score

Hi-index	0.01

Visualization

Abstract

Dolev and Yao initiated an approach to studying cryptographic protocols which abstracts from possible problems with the cryptography so as to focus on the structural aspects of the protocol. Recent work in this framework has developed easily applicable methods to determine many security properties of protocols. A separate line of work, initiated by Bellare and Rogaway, analyzes the way specific cryptographic primitives are used in protocols. It gives asymptotic bounds on the risk of failures of secrecy or authentication.In this paper we show how the Dolev-Yao model may be used for protocol analysis, while a further analysis gives a quantitative bound on the extent to which real cryptographic primitives may diverge from the idealized model. We develop this method where the cryptographic primitives are based on Carter-Wegman universal classes of hash functions. This choice allows us to give specific quantitative bounds rather than simply asymptotic bounds.