Abstract
We use the formal language LOTOS to specify a registration protocol between a user and a Trusted Third Party, that requires mutual authentication. We explain how a model-based verification method can be used to verify its robustness to attacks by an intruder. This method is also used to find a simpler protocol that remains secure.
Chapter PDF
Similar content being viewed by others
Keywords
References
Abadi, M. and Gordon, A.D. (1997) A Calculus for Cryptographic Protocols The Spi Calculus, Proceedings of the 4th ACM Conference on Computer and Communications Security.
Bolignano, D. (1997) Towards a Mechanization of Cryptographic Protocol Verification, Proceedings of CAV 97, LNCS 1254, Springer-Verlag. Bolognesi, T. and Brinksma E. (1987) Introduction to the ISO Specification Language LOTOS, Computer Networks and ISDN Systems 14. Bouajjani, A. Fernandez, J.C. Graf, S. Rodriguez, C. and Sifakis, J. (1991)
Safety for Branching Time Semantics, 18th ICALP, Springer-Verlag. Fernandez, J.C. Garavel, H. Kerbat, A. Mateescu, R. Mounier, L. and Sighireanu, M. (1996) CAESAR/ALDEBARAN Development Package: A Protocol Validation and Verification Toolbox,Proceedings of the 8th Conference on Computer-Aided Verification, Alur and Henzinger Eds.
Garabel, H. (1996) An overview of the Eucalyptus Toolbox,Proceedings of COST247 workshop.
Germeau, F. and Leduc, G. (1997) Model-based Design and Verification of Security Protocols using LOTOS, Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols.
Guillou, L. and Quiquater, J.J. (1988) A Practical Zero-knowledge Protocol Fitted to Security Microprocessor Minimizing both Transmission and Memory, Proceedings of Eurocrypt 88, Springer-Verlag.
Guimaraes, J. Boucqueau, J.M. Macq, B. (1996) OKAPI: a Kernel for Access Control to Multimedia Services based on Trusted Third Parties, Proceedings of ECMAST 96, pp. 783–798.
ISO (1989) LOTOS, a Formal Description Technique Based on the Temporal Ordering of Observational Behaviour, Information Processing Systems - Open Systems Interconnection: IS 8807.
ITU-T (1993) The Directory: Authentication Framework, Information Technology - Open Systems Interconnection: ITU-T Recommendation X. 509.
Lacroix, S. Boucqueau, J.M. Quisquater, J.J. and Macq, B. (1996) Providing Equitable Conditional Access by Use of Trusted Third Parties, Proceedings of ECMAST 96, pp. 763–782.
Leduc, G. Bonaventure, O. Koerner, E. Léonard, L. Pecheur, C. and Zanetti, D. (1996) Specification and Verification of a TTP Protocol for the Conditional Access to Services., Proceedings of 12th J. Cartier Workshop on Formal Methods and their Applications: Telecommunications, VLSI and Real-Time Computerized Control System, Canada.
Lowe, G. (1996) Breaking and Fixing the Needham-Schroeder Public-Key Authentication Protocol using FDR, T. Margaria and B. Steffen Eds., Tools and Algorithms for the Construction and Analysis of Systems, LNCS 1055, Springer-Verlag.
Pecheur, C. (1996) Improving the Specification of Data Types in LOTOS, Doctoral dissertation, University of Liège.
Schneier, B. (1996) Applied Cryptography, Second Edition, J. Wiley and Sons.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1997 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Germeau, F., Leduc, G. (1997). A Computer Aided Design of a Secure Registration Protocol. In: Mizuno, T., Shiratori, N., Higashino, T., Togashi, A. (eds) Formal Description Techniques and Protocol Specification, Testing and Verification. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35271-8_9
Download citation
DOI: https://doi.org/10.1007/978-0-387-35271-8_9
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5260-1
Online ISBN: 978-0-387-35271-8
eBook Packages: Springer Book Archive