Towards a Strand Semantics for Authentication Logic

The logic BAN was developed in the late eighties to reason about authenticated key establishment protocols. It uncovered many aws and properties of protocols, thus generating lots of attention in protocol analysis. BAN itself was also subject of much attention, and work was done examining its properties and limitations, developing extensions and alternatives, and giving it a semantics. More recently, the strand space approach was developed. This approach gave a graph theoretic characterization of the causally possible interactions between local histories (strands) along with a term algebra to express sent and received messages. This model was designed and has been used by its authors for direct application to authentication protocol analysis. However, it has also quickly attracted the attention of many other researchers in the eld as useful in connection to related work, such as model checking approaches. Here we discuss the idea of using strand spaces as the model of computation underlying a semantics for BAN-style expressions. This will help to integrate some of the approaches to security protocol analysis and to hopefully provide BAN logics with a clearer, more useful underlying model than they have had to date. 1 Early Approaches to Knowledge Automated approaches using model checkers, theorem provers and the like have increasingly been at the heart of formal analysis of security protocols for the last several years. However, for much of the nineties the most well known and successful approach to this problem was by hand analysis using specialized logics. A belief logic, BAN [2], was widely used to reveal a number of aws and 1 This work supported by NSA and ONR. Thanks to Cathy Meadows for many helpful comments and discussions. U.S. Government Work. Not Subject to U.S. Copyright.