Abstract
Many security properties of cryptographic protocols can be all seen as specific instances of a general property, we called Non Deducibility on Composition (NDC), that we proposed a few years ago for studying information flow properties in computer systems. The advantage of our unifying theory is that formal comparison among these properties is now easier and that the full generality of NDC has helped us in finding a few new attacks on cryptographic protocols.
Work partially supported by MURST Progetto TOSCA and Progetto “Certificazione automatica di programmi mediante interpretazione astratta”; CNR Progetto “Modelli e Metodi per la Matematica e l’Ingegneria”; CSP Progetto “ISA: Isp Secured trAnsactions”.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Abadi. Security protocols and specifications. In Proc. Foundations of Software Science and Computation Structures, volume 1578 of LNCS, pages 1–13, 1999.
M. Abadi and A. D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148(1):1–70, 1999.
M. Abadi and R. Needham. Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering, 22(1):6–15, January 1996.
D. E. Bell and L. J. La Padula. Secure computer systems: Unified exposition and multics interpretation. ESD-TR-75-306, MITRE MTR-2997, March 1976.
C. Bodei, P. Degano, R. Focardi, and C. Priami. Authentication via localized names. In Proceedings of CSFW’99, pages 98–110. IEEE press, 1999.
J. Clark and J. Jacob. “A Survay of Authentication Protocols Literature: version 1.0”. November 1997. http://www.cs.york.ac.uk/~jac/papers/drareview.ps.gz.
R. De Nicola and M. Hennessy. Testing equivalences for processes. Theoretical Computer Science, 34:83–133, 1984.
A. Durante, R. Focardi, and R. Gorrieri. A compiler for analysing cryptographic protocols using non-interference. Submitted for publication.
A. Durante, R. Focardi, and R. Gorrieri. CVS: A compiler for the analysis of cryptographic protocols. In Proceedings of CSFW’99, pages 203–212. IEEE press, 1999.
R. Focardi and R. Gorrieri. A classification of security properties for process algebras. Journal of Computer Security, 3(1):5–33, 1994/1995.
R. Focardi and R. Gorrieri. The compositional security checker: A tool for the verification of information flow security properties. IEEE Transactions on Software Engineering, 23(9), September 1997.
R. Focardi, R. Gorrieri, and F. Martinelli. Information flow analysis in a discretetime process algebra. In Proceedings of CSFW’00, 2000. IEEE Press. To appear.
R. Focardi, R. Gorrieri, and F. Martinelli. Message authentication through noninterference. In Proc. of 8th International Conference in Algebraic Methodology and Software Technology (AMAST), 2000. To appear.
R. Focardi, R. Gorrieri, and F. Martinelli. Secrecy in security protocols as noninterference. In Workshop on secure architectures and information flow, volume 32 of ENTCS, 2000.
R. Focardi and F. Martinelli. A uniform approach for the definition of security properties. In Proceedings of World Congress on Formal Methods (FM’99), pages 794–813. Springer, LNCS 1708, 1999.
J. A. Goguen and J. Meseguer. Security policy and security models. In Proc. of the 1982 Symposium on Security and Privacy, pages 11–20. IEEE Press, 1982.
D. Gollman. What do we mean by entity authentication? In Proceedings of Symposium in Research in Security and Privacy, pages 46–54. IEEE Press, 1996.
D. Gollman. On the verification of cryptographic protocols-a tale of two committees. In Workshop on secure architectures and information flow, volume 32 of ENTCS, 2000.
C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall, 1985.
G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proceedings of TACAS’96, pages 146–166. LNCS 1055, 1996.
G. Lowe. A hierarchy of authentication specification. In Proceedings of the 10th Computer Security Foundation Workshop, pages 31–43. IEEE press, 1997.
MasterCard. Secure electronic payment protocol, November 1995. Draft Version 1.2.
R. Milner. Communication and Concurrency. Prentice-Hall, 1989.
S. Schneider. Verifying authentication protocols with csp. In Proceedings of the 10th Computer Security Foundation Workshop, pages 3–17. IEEE press, 1997.
S. Schneider. Formal analysis of a non-repudiation protocol. In Proceedings of CSFW’98, pages 54–65. IEEE Press, 1998.
S. Schneider. Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering, 24(9), September 1998.
F.B. Schneier. Applied Cryptography. Wiley, 1996.
T. Y. C. Woo and S. S. Lam. Authentication for distributed systems. IEEE Computer, 25(1):39–51, 1992.
T. Y. C. Woo and S. S. Lam. Authentication revised. IEEE Computer, 25(3):10, 1992.
T. Y. C. Woo and S. S. Lam. A semantic model for authentication protocols. In Proceedings of the 1993 IEEE Computer Society Symposium on Security and Privacy (SSP’ 93), pages 178–195. IEEE Press, May 1993.
J. Zhou and D. Gollman. A fair non-repudiation protocol. In Proc. of Symposium in Research in Security and Privacy, pages 55–61. IEEE Press, 1996.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Focardi, R., Gorrieri, R., Martinelli, F. (2000). Non Interference for the Analysis of Cryptographic Protocols. In: Montanari, U., Rolim, J.D.P., Welzl, E. (eds) Automata, Languages and Programming. ICALP 2000. Lecture Notes in Computer Science, vol 1853. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45022-X_31
Download citation
DOI: https://doi.org/10.1007/3-540-45022-X_31
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67715-4
Online ISBN: 978-3-540-45022-1
eBook Packages: Springer Book Archive