We address a problem common to a series of logics for the analysis of authentication protocols: those due to Burrows-Abadi-Needham (BAN), Gong-Needham-Yahalom (GNY), Abadi-Tuttle (AT) and Syverson-Van Oorschot (SVO). These logics lack a computationally accountable means of performing an important protocol analysis step called protocol idealization, which transforms some protocol messages into logical formulas. Mistakes can easily occur during the idealization steps in these logics. We propose a rule-based technique that turns protocol idealization into symbolic manipulation of protocol syntax. The idea is to refine one big step of protocol message transformation in the previous BAN techniques into several smaller ones; each smaller step is simpler and hence easier to understand. Protocol idealization thus becomes less error-prone. A number of idealization examples are demonstrated. We hope that these intuitively appealing examples will invite further study of the correctness of our rule-based technique for protocol idealization.