BAN Logic is Not ‘Sound’, Constructing Epistemic Logics for Security is Difficult
Author
Abstract
We show that BAN logic, an epistemic logic for analyzing security protocols, contains an inference rule that wrongly ascribes a certain property to cryptographic hash functions. This faulty inference rule makes the BAN logic not ‘sound’. That is, it is possible to derive counterintuitive beliefs which cannot be computationally justified. We will prove this in this paper. This result should count as a warning to those who wish to extend their BAN-descendant logic to one that captures ‘all’ cryptographic primitives.
Similar resources
An Epistemic Foundation for Authentication Logics (Extended Abstract)
While there have been many attempts, going back to BAN logic, to base reasoning about security protocols on epistemic notions, they have not been all that successful. Arguably, this has been due to the particular logics chosen. We present a simple logic based on the well-understood modal operators of knowledge, time, and probability, and show that it is able to handle issues that have often bee...
Revisiting the Foundations of Authentication Logics
In this paper, we make the point that the problems with logics in the BAN tradition are not with the idea of basing reasoning about security protocols using epistemic notions, but with some of the specific decisions taken in the formulation of these logics. To illustrate this statement, we describe a formal logic for security protocol analysis based on well-understood modal operators, knowledge...
Distributed Contingency Logic and Security
In information security, ignorance is not bliss. It is always stated that hiding the protocols (let the other be ignorant about it) does not increase the security of organizations. However, there are cases that ignorance creates protocols. In this paper, we propose distributed contingency logic, a proper extension of contingency (ignorance) logic. Intuitively, a formula is distributed contingen...
The Descent of BAN
The famous BAN paper [3] determined the research agenda of security-protocol verification for nearly a decade. Many others had worked on verifying security protocols, and the problem appeared to be intractable. The real-world systems were too complicated; too many different things could go wrong; the formal treatments were unusable. The BAN logic was abstract, formalizing intuitive notions dire...
Truth Values and Connectives in Some Non-Classical Logics
The question as to whether the propositional logic of Heyting, which was a formalization of Brouwer's intuitionistic logic, is finitely many valued or not, was open for a while (the question was asked by Hahn). Kurt Gödel (1932) introduced an infinite decreasing chain of intermediate logics, which are known nowadays as Gödel logics, for showing that the intuitionistic logic is not finitely (man...