A semantics for a logic of authentication (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Adding time to a logic of authentication
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Reasoning about knowledge
An authentication logic supporting synchronization, revocation, and recency
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
A calculus for cryptographic protocols
Information and Computation
Formal Semantics for Authentication Logics
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
An augmentation of BAN-like logics
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
On Unifying Some Cryptographic Protocol Logics
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Knowledge, Timed Precedence and Clocks
Knowledge, Timed Precedence and Clocks
A DRM security architecture for home networks
Proceedings of the 4th ACM workshop on Digital rights management
Toward Reasoning about Security Protocols: A Semantic Approach
Electronic Notes in Theoretical Computer Science (ENTCS)
SVO logic based formalisms of GSI protocols
PDCAT'04 Proceedings of the 5th international conference on Parallel and Distributed Computing: applications and Technologies
| Hi-index | 0.00 |
Distributed systems inherently involve dynamic changes to the value of security-relevant attributes such as the goodness of encryption keys, trustworthiness of participants, and synchronization between principals. Since concurrent knowledge is usually infeasible or impractical, it is often necessary for the participants of distributed protocols to determine and act on beliefs that may not be supported by the current state of the system. Policies for determining beliefs in such situations can range from extremely conservative, such as only believing statements if they are very recent, to extremely optimistic, such as believing all statements that are not yet known to be revoked. Such security policies often are heavily dependent on timing of received messages and on synchronization between principals. We present a logic for analyzing cryptographic protocols that has the capability to specify time and synchronization details. This capability considerably advances the scope of known techniques both for expressing practical authentication policies of protocol participants as constraints and for reasoning about protocol goals subject to these constraints. In the course of reasoning about protocol goals, one is able to exhibit sufficient conditions regarding trust between protocol participants, synchronization between protocol participants, and timeliness of message contents. Our logic is flexible and can support a wide range of security policies including the recent-secure authentication policy for enforcing revocation in distributed systems. The ability to reason about the conjunction of individual participant policies and protocols will be especially important as public and private key infrastructures are deployed and new and unanticipated policies are put into use.