On the representation and verification of cryptographic protocols in a theory of action

Cryptographic protocols are usually specified in an informal, ad hoc language, with crucial elements, such as the protocol goal, left implicit. We suggest that this is one reason that such protocols are difficult to analyse, and are subject to subtle and nonintuitive attacks. We present an approach...

Full description

Saved in:
Bibliographic Details
Published in2010 Eighth Annual International Conference on Privacy, Security and Trust pp. 39 - 45
Main Authors Delgrande, James P, Hunter, Aaron, Grote, Torsten
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.08.2010
Subjects
Calculus
Chromium
Cryptographic protocols
Cryptography
Software
Vocabulary
Online AccessGet full text
ISBN9781424475513
1424475511
DOI10.1109/PST.2010.5593236

Cover

More Information
Summary:Cryptographic protocols are usually specified in an informal, ad hoc language, with crucial elements, such as the protocol goal, left implicit. We suggest that this is one reason that such protocols are difficult to analyse, and are subject to subtle and nonintuitive attacks. We present an approach for formalising and analysing cryptographic protocols in a theory of action, specifically the situation calculus. Our thesis is that all aspects of a protocol must be explicitly specified. We provide a declarative specification of underlying assumptions and capabilities in the situation calculus. A protocol is translated into a sequence of actions to be executed by the principals, and a successful attack is an executable plan by an intruder that compromises the specified goal. Our prototype verification software takes a protocol specification, translates it into a high-level situation calculus (Golog) program, and outputs any attacks that can be found. We describe the structure and operation of our prototype software, and discuss performance issues.
ISBN:9781424475513
1424475511
DOI:10.1109/PST.2010.5593236