A Completeness Result for BAN Logic
Authors
Abstract
BAN logic is a propositional logic of knowledge for the verification of cryptographic protocols. While BAN logic has been successful from a practical point of view, the semantics of the epistemic (knowledge) modality is unclear. Several Kripke semantics have been proposed, but they do not attempt anything beyond a soundness result. Completeness is prevented by the so-called logical omniscience problem: agents in BAN can draw only feasibly computable consequences of their knowledge, whereas agents in Kripke semantics are not so constrained. To circumvent this problem, we index the epistemic possibility relation of Kripke semantics with a message correlation, relating how cipher texts at the current state correspond to cipher texts at the epistemically possible state. An agent is said to know a property of a message if corresponding messages at epistemically possible states satisfy that property. We obtain completeness with respect to message passing systems, and decidability, by transferring canonical model and filtration constructions from Kripke semantics.
Similar resources
Equality propositional logic and its extensions
We introduce a new formal logic, called equality propositional logic. It has two basic connectives, $\boldsymbol{\wedge}$ (conjunction) and $\equiv$ (equivalence). Moreover, the $\Rightarrow$ (implication) connective can be derived as $A\Rightarrow B:=(A\boldsymbol{\wedge}B)\equiv A$. We formulate the equality propositional logic and demonstrate that the resulting logic has reasonable properties such a...
A Lightweight Privacy-preserving Authenticated Key Exchange Scheme for Smart Grid Communications
The smart grid concept is introduced to modify the power grid by utilizing new information and communication technology. The smart grid needs live power consumption monitoring to provide required services, and for this, bi-directional communication is essential. Security and privacy are the most important requirements that should be provided in the communication. Because of the complex design of s...
BAN Logic is Not ‘Sound’, Constructing Epistemic Logics for Security is Difficult
We show that BAN logic, an epistemic logic for analyzing security protocols, contains an inference rule that wrongly ascribes a certain property to cryptographic hash functions. This faulty inference rule makes the BAN logic not ‘sound’. That is, it is possible to derive counterintuitive beliefs which cannot be computationally justified. We will prove this in this paper. This result should coun...
Decision Procedures for the Analysis of Cryptographic Protocols by Logics of Belief
Belief-logic deductions are used in the analysis of cryptographic protocols. We show a new method to decide such logics. In addition to the familiar BAN logic, it is also applicable to the more advanced versions of protocol security logics, and GNY in particular; and it employs an efficient forward-chaining algorithm the completeness and termination of which are proved. Theoretic proofs, implem...
How to Cook a Complete Hoare Logic for Your Pet OO Language
This paper introduces a general methodology for obtaining complete Hoare logics for object-oriented languages. The methodology is based on a new completeness result of a Hoare logic for a procedural language with dynamically allocated variables. This new result involves a generalization of Gorelick’s seminal completeness result of the standard Hoare logic for recursive procedures with simple va...