A Bisimulation Method for Cryptographic Protocols
نویسندگان
چکیده
We introduce a definition of bisimulation for cryptographic protocols. The definition includes a simple and precise model of the knowledge of the environment with which a protocol interacts. Bisimulation is the basis of an effective proof technique, which yields proofs of classical security properties of protocols and also justifies certain protocol optimizations. The setting for our work is the spi calculus, an extension of the pi calculus with cryptographic primitives. We prove the soundness of the bisimulation proof technique within the spi calculus.
منابع مشابه
Using Admissible Interference to Detect Denial of Service Vulnerabilities
Meadows recently proposed a formal cost-based framework for analysis of denial of service. It was showed how some principles that have already been used to make cryptographic protocols more resistant to denial of service by trading off the cost to defender against the cost to the attacker can be formalized. The first contribution of this paper is to introduce a new security property called impa...
متن کاملAn Information Flow Method to Detect Denial of Service Vulnerabilities
Meadows recently proposed a formal cost-based framework for the analysis of denial of service, showing how to formalize some existing principles used to make cryptographic protocols more resistant to denial of service by comparing the cost to the defender against the cost to the attacker. The first contribution of this paper is to introduce a new security property called impassivity designed to...
متن کاملBisimulation-based non-deterministic admissible interference and its application to the analysis of cryptographic protocols
In this paper, we first define bisimulation-based non-deterministic admissible interference (BNAI), derive its process-theoretic characterisation and present a compositional verification method with respect to the main operators over communicating processes, generalising in this way the similar trace-based results obtained [J. Univ. Comput. Sci. 6 (2000) 1054] into the finer notion of observati...
متن کاملUsing equivalence-checking to verify robustness to denial of service
In this paper, we introduce a new security property which intends to capture the ability of a cryptographic protocol being resistant to denial of service. This property, called impassivity, is formalised in the framework of a generic value-passing process algebra, called Security Protocol Process Algebra, extended with local function calls, cryptographic primitives and special semantics feature...
متن کاملImplementing Spi Calculus Using Nominal Techniques
The aim of this work is to obtain an interactive proof environment based on Isabelle/HOL for reasoning formally about cryptographic protocols, expressed as processes of the spi calculus (a π-calculus with cryptographic primitives). To this end, we formalise syntax, semantics, and hedged bisimulation, an environment-sensitive bisimulation which can be used for proving security properties of prot...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Nord. J. Comput.
دوره 5 شماره
صفحات -
تاریخ انتشار 1998