PRACTICAL AND UNIVERSAL INTERPRETATION FUNCTIONS FOR SECRECY

Hanane Houmani, Mohamed Mejri

Abstract

Using the notion of interpretation functions, this paper gives some sufficient and practical conditions allowing to guarantee the correctness of a security protocol with respect to the secrecy property. An interpretation function is a safe means by which an agent can estimate the security level of message components that he receives so that he can handle them correctly. An example of an universal interpretation function is given in this paper together with how to use it to analyse a cryptographic protocol.

References

  1. Abadi, M. (1999). Secrecy by typing in security protocols. Journal of the ACM, 46(5):749-786.
  2. Blanchet, B. and Podelski, A. (2003). Verification of cryptographic protocols: Tagging enforces termination. In Foundations of Software Science and Computational Structures, volume 2620 / 2003, pages 136-152, Warsaw, Poland. Springer-Verlag Heidelberg.
  3. Boreale, M. and Gorla, D. (2002). Process calculi and the verification of security properties. Journal of Telecommunication and Information TechnologySpecial Issue on Cryptographic Protocol Verification, (4/02):28-40.
  4. Burrows, M., Abadi, M., and Needham, R. (1990). Rejoinder to Nessett. ACM Operating Systems Review, 24(2):39-40.
  5. Cervesato, I., Durgin, N. A., Lincoln, P., Mitchell, J. C., and Scedrov, A. (1999). A meta-notation for protocol analysis. In CSFW, pages 55-69.
  6. Comon, H. and Shmatikov, V. (2002). Is it possible to decide whether a cryptographic protocol is secure or not. Journal of Telecommunications and Information Technolog,.
  7. Comon-Lundh, H. and Cortier, V. (2003a). New decidability results for fragments of first-order logic and application to cryptographic protocols. In RTA, pages 148-164.
  8. Comon-Lundh, H. and Cortier, V. (2003b). Security properties: Two agents are sufficient. In ESOP, pages 99- 113.
  9. Delicata, R. and Schneider, S. (2005). Temporal rank functions for forward secrecy. In CSFW 7805: Proceedings of the 18th IEEE Computer Security Foundations Workshop (CSFW'05), pages 126-139, Washington, DC, USA. IEEE Computer Society.
  10. Durgin, N., Mitchell, J., and Pavlovic, D. (2001). A compositional logic for protocol correctness.
  11. Even, S. and Goldreich, O. (1983). On the security of multiparty ping-pong protocols. In IEEE Symposium on Foundations of Computer Science, pages 34-39.
  12. Gangon, F. and Mejri, M. (2006). A decision procedure for structured cryptographic protocols. In New Trends in Software Methodologies, Tools and Techniques, pages 272-286. IOS Press.
  13. Heintze, N. and Tygar, J. D. (1996). A model for secure protocols and their compositions. Software Engineering, 22(1):16-30.
  14. Houmani, H. and Mejri, M. (2003). Secure protocols for secrecy. In Foundations of Computer Security Afiliated with LICS'03, pages 85-96, Ottawa, Canada.
  15. Houmani, H. and Mejri, M. (2007a). Secrecy by interpretation functions. Knowledge-Based Systems, doi:10.1016/j.knosys.2007.05.003.
  16. Houmani, H. and Mejri, M. (2007b). Secrecy by interpretation functions: Extended version. Thechnical Report, www.ift.ulaval.ca\╦ťhahou\techReport1.pdf.
  17. Lowe, G. (1998). Towards a Completeness Result for Model Checking of Security Protocols. In Proceedings of 11th IEEE Computer Security Foundations Workshop, pages 96-108.
  18. Mao, W. and Boyd, C. (1993). Towards the Formal Analysis of Security Protocols. In Proceedings of the Computer Security Foundations Workshop VI, pages 147- 158. IEEE Computer Society Press.
  19. Meadows, C. (2003). What makes a cryptographic protocol secure? the evolution of requirements specification in formal cryptographic protocol analysis. In Proceedings of ESOP 03. Springer-Verlag.
  20. Paulson, L. C. (1997). Proving properties of security protocols by induction. In 10th Computer Security Foundations Workshop, pages 70-83. IEEE Computer Society Press.
  21. Ramanujam, R. and Suresh, S. (2003). Tagging makes secrecy decidable with unbounded nonces as well. In Lecture Notes in Computer Science, volume 2914/2003. FST TCS 2003: Foundations of Software Technology and Theoretical Computer Science, Publisher Springer Berlin / Heidelberg.
  22. Schneider, S. (1998). Verifying authentication protocols in csp. IEEE Trans. Softw. Eng., 24(9):741-758.
  23. Stoller, S. D. (1999). Lower and upper bounds for attacks on authentication protocols. In Symposium on Principles of Distributed Computing, page 283.
  24. Woo, T. Y. C. and Lam, S. S. (1994). A Lesson on Authentication Protocol Design. Operating Systems Review, pages 24-37.
Download


Paper Citation


in Harvard Style

Houmani H. and Mejri M. (2007). PRACTICAL AND UNIVERSAL INTERPRETATION FUNCTIONS FOR SECRECY . In Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007) ISBN 978-989-8111-12-8, pages 157-164. DOI: 10.5220/0002129101570164


in Bibtex Style

@conference{secrypt07,
author={Hanane Houmani and Mohamed Mejri},
title={PRACTICAL AND UNIVERSAL INTERPRETATION FUNCTIONS FOR SECRECY},
booktitle={Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)},
year={2007},
pages={157-164},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002129101570164},
isbn={978-989-8111-12-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)
TI - PRACTICAL AND UNIVERSAL INTERPRETATION FUNCTIONS FOR SECRECY
SN - 978-989-8111-12-8
AU - Houmani H.
AU - Mejri M.
PY - 2007
SP - 157
EP - 164
DO - 10.5220/0002129101570164