Verifying equivalence properties of security protocols
نویسندگان
چکیده
Security protocols are used nowadays for securing transactions through public channels, like the Internet. Typical examples of applications include electronic commerce, electronic voting or mobile ad hoc networking. In order to obtain as much confidence as possible, several formal methods have been proposed for analyzing properties of security protocols. Depending on the goals which a security protocol has, there are several types of properties that need to be verified. First, there are reachability or trace-based properties, which express the fact that a bad state cannot be reached. Two classical reachability properties are secrecy and authentication. Secrecy expresses the fact that a secret key or nonce cannot become public and authentication is used for ensuring an agent of other’s identity. However, there are some security properties, like privacy, that cannot be formulated in terms of reachability. These can be modeled using equivalence-based properties, usually used to express indistinguishably, a security property satisfied when an observer cannot distinguish between two processes. This is crucial in proving anonymity properties, where an attacker should not be able to distinguish a run involving an agent A from a run involving another participant A′. Anonymity is also used in the context of electronic voting, where two different runs of the voting protocol should be indistinguishable for the attacker in order to ensure that no information is leaked about the vote of a participant. Another equivalence-based property is resistance to off line
منابع مشابه
Verifying privacy-type properties of electronic voting protocols
Electronic voting promises the possibility of a convenient, efficient and secure facility for recording and tallying votes in an election. Recently highlighted inadequacies of implemented systems have demonstrated the importance of formally verifying the underlying voting protocols. We study three privacy-type properties of electronic voting protocols: in increasing order of strength, they are ...
متن کاملSymbolic Bisimulation for the Applied Pi Calculus * Stéphanie Delaune
We propose a symbolic semantics for the finite applied pi calculus.The applied pi calculus is a variant of the pi calculus with extensions formodelling cryptographic protocols. By treating inputs symbolically, oursemantics avoids potentially infinite branching of execution trees due toinputs from the environment. Correctness is maintained by associatingwith each process a se...
متن کاملStéphanie Delaune
We propose a symbolic semantics for the finite applied pi calculus.The applied pi calculus is a variant of the pi calculus with extensions formodelling cryptographic protocols. By treating inputs symbolically, oursemantics avoids potentially infinite branching of execution trees due toinputs from the environment. Correctness is maintained by associatingwith each process a se...
متن کاملAutomated Analysis of Equivalence Properties for Security Protocols Using Else Branches
In this paper we present an extension of the AKISS protocol verification tool which allows to verify equivalence properties for protocols with else branches, i.e., disequality tests. While many protocols are represented as linear sequences or inputs, outputs and equality tests, the reality is often more complex. When verifying equivalence properties one needs to model precisely the error messag...
متن کاملModular Verification of Protocol Equivalence in the Presence of Randomness
Security protocols that provide privacy and anonymity guarantees are growing increasingly prevalent in the online world. The highly intricate nature of these protocols makes them vulnerable to subtle design flaws. Formal methods have been successfully deployed to detect these errors, where protocol correctness is formulated as a notion of equivalence (indistinguishably). The high overhead for v...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011