- 著者
- Nevin Heintze, J.D. Tygar
- タイトル
- Timed Models for Protocol Security
- 日時
- January 1992
- 概要
- The notion of time is prerequisite for describing and verifying
the security properties of key management protocols.
Without it, properties relating to the expiration of keys and
the freshness of messages and nonces cannot be formulated.
Recently Burrows, Abadi and Needham proposed a formal system for
protocol verification which includes an ability to reason about
time.
In essence their " Logic of Authentication" is a proof theory
for reasoning about key management protocols.
One difficulty with such a logic lies in justifying the
inferences that can be made.
We approach this problem by developing an accompanying model
theory for protocol security. Model theoretic techniques have
been used before in the protocol verification literature, but
our approach is different in two respects.
First we consider a model theory which includes a notion of
time.
Second, the purpose of much of the previous model theoretic work
was aimed at developing protocol verification tools and so
assumptions about specific kinds of protocols and methods for
breaking protocols were built into the model, often implicitly.
In contrast, our account is more general and centers on a
justification of the notion of model itself.
The main results of this work include
* a model theoretic definition of protocol security that
is provably equivalent to a variety of alternative
definitions;
* demonstration that some questions about protocol
security properties are undecidable, and
* a schema for demonstrating the validity of many
protocols by the use of model checking.
- カテゴリ
- CMUTR
Category: CMUTR
Institution: Department of Computer Science, Carnegie
Mellon University
Abstract: The notion of time is prerequisite for describing and verifying
the security properties of key management protocols.
Without it, properties relating to the expiration of keys and
the freshness of messages and nonces cannot be formulated.
Recently Burrows, Abadi and Needham proposed a formal system for
protocol verification which includes an ability to reason about
time.
In essence their " Logic of Authentication" is a proof theory
for reasoning about key management protocols.
One difficulty with such a logic lies in justifying the
inferences that can be made.
We approach this problem by developing an accompanying model
theory for protocol security. Model theoretic techniques have
been used before in the protocol verification literature, but
our approach is different in two respects.
First we consider a model theory which includes a notion of
time.
Second, the purpose of much of the previous model theoretic work
was aimed at developing protocol verification tools and so
assumptions about specific kinds of protocols and methods for
breaking protocols were built into the model, often implicitly.
In contrast, our account is more general and centers on a
justification of the notion of model itself.
The main results of this work include
* a model theoretic definition of protocol security that
is provably equivalent to a variety of alternative
definitions;
* demonstration that some questions about protocol
security properties are undecidable, and
* a schema for demonstrating the validity of many
protocols by the use of model checking.
Number: CMU-CS-92-100
Bibtype: TechReport
Month: jan
Author: Nevin Heintze
J.D. Tygar
Title: Timed Models for Protocol Security
Year: 1992
Address: Pittsburgh, PA
Super: @CMUTR