Computer Science – Cryptography and Security
Scientific paper
2003-12-14
Computer Science
Cryptography and Security
29 pages, To appear in Theory and Practice of Logic Programming (TPLP) Paper for Special Issue (Verification and Computational
Scientific paper
Security protocols stipulate how the remote principals of a computer network should interact in order to obtain specific security goals. The crucial goals of confidentiality and authentication may be achieved in various forms, each of different strength. Using soft (rather than crisp) constraints, we develop a uniform formal notion for the two goals. They are no longer formalised as mere yes/no properties as in the existing literature, but gain an extra parameter, the security level. For example, different messages can enjoy different levels of confidentiality, or a principal can achieve different levels of authentication with different principals. The goals are formalised within a general framework for protocol analysis that is amenable to mechanisation by model checking. Following the application of the framework to analysing the asymmetric Needham-Schroeder protocol, we have recently discovered a new attack on that protocol as a form of retaliation by principals who have been attacked previously. Having commented on that attack, we then demonstrate the framework on a bigger, largely deployed protocol consisting of three phases, Kerberos.
Bella Giampaolo
Bistarelli Stefano
No associations
LandOfFree
Soft Constraint Programming to Analysing Security Protocols does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Soft Constraint Programming to Analysing Security Protocols, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Soft Constraint Programming to Analysing Security Protocols will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-102294