Names in Cryptographic Protocols
نویسندگان
چکیده
Messages in cryptographic protocols are made up of a small set of elements; keys, nonces, timestamps, and names, amongst others. These elements must possess specific properties to be useful for their intended purpose. Some of these properties are prescribed as part of the protocol specification, while others are assumed to be inherited from the execution environment. We focus on this latter category by analyzing the security properties of names. We argue that to fulfill their role in cryptographic protocols, names must be unique across correlated sessions i.e. where the massages of one session can be reused in another without detection and that uniqueness must be guaranteed to hold for each participant of these runs. We discuss how uniqueness can be provided and verified by the interested parties. To do so, two different mechanisms are shown possible, namely local and global verification. In both cases we discuss the implications of uniqueness on the execution environment of a cryptographic protocol, pointing out the inescapable issues related to each of the two mechanisms. Finally, we argue that such implications should be given careful consideration as they represent important elements in the evaluation of a cryptographic protocol itself.
منابع مشابه
Design of cybernetic metamodel of cryptographic algorithms and ranking of its supporting components using ELECTRE III method
Nowadays, achieving desirable and stable security in networks with national and organizational scope and even in sensitive information systems, should be based on a systematic and comprehensive method and should be done step by step. Cryptography is the most important mechanism for securing information. a cryptographic system consists of three main components: cryptographic algorithms, cryptogr...
متن کاملImplementing Spi Calculus Using Nominal Techniques
The aim of this work is to obtain an interactive proof environment based on Isabelle/HOL for reasoning formally about cryptographic protocols, expressed as processes of the spi calculus (a π-calculus with cryptographic primitives). To this end, we formalise syntax, semantics, and hedged bisimulation, an environment-sensitive bisimulation which can be used for proving security properties of prot...
متن کاملVerifying Regular Trace Properties of Security Protocols with Explicit Destructors and Implicit Induction
We present a procedure for the verification of cryptographic protocols based on a new method for automatic implicit induction theorem proving for specifications made of conditional and constrained rewrite rules. The method handles axioms between constructor terms which are used to introduce explicit destructor symbols for the specification of cryptographic operators. Moreover, it can deal with ...
متن کاملA short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as n example of this...
متن کاملProcess algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
متن کامل