• Complain

V. Cortier - Formal Models and Techniques for Analyzing Security Protocols

Here you can read online V. Cortier - Formal Models and Techniques for Analyzing Security Protocols full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2011, publisher: IOS Press, genre: Home and family. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

No cover
  • Book:
    Formal Models and Techniques for Analyzing Security Protocols
  • Author:
  • Publisher:
    IOS Press
  • Genre:
  • Year:
    2011
  • Rating:
    5 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 100
    • 1
    • 2
    • 3
    • 4
    • 5

Formal Models and Techniques for Analyzing Security Protocols: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Formal Models and Techniques for Analyzing Security Protocols" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Security protocols are the small distributed programs which are omnipresent in our daily lives in areas such as online banking and commerce and mobile phones. Their purpose is to keep our transactions and personal data secure. Because these protocols are generally implemented on potentially insecure networks like the internet, they are notoriously difficult to devise. The field of symbolic analysis of security protocols has seen significant advances during the last few years. There is now a better understanding of decidability and complexity questions and successful automated tools for the provision of security and prevention of attack have been applied to numerous protocols, including industrial protocols. Models have been extended with algebraic properties to weaken the perfect cryptography assumption and even computational soundness results towards cryptographic models have been achieved. What was still missing, however, was a book which summarized the state-of-the-art of these advances. Whilst this book does not pretend to give a complete overview of the field - something which would be impossible in a single volume - it does, nevertheless, cover a representative sample of the ongoing work in this field, which is still very active. The book contains an introduction and ten tutorial-like chapters on selected topics, each written by a leading expert, and will be of interest to all those involved in the formal analysis of security protocols.

V. Cortier: author's other books


Who wrote Formal Models and Techniques for Analyzing Security Protocols? Find out the surname, the name of the author of the book and a list of all author's works by series.

Formal Models and Techniques for Analyzing Security Protocols — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Formal Models and Techniques for Analyzing Security Protocols" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
FORMAL MODELS AND TECHNIQUES FOR ANALYZING SECURITY PROTOCOLS Cryptology and - photo 1
FORMAL MODELS AND TECHNIQUES FOR ANALYZING SECURITY PROTOCOLS Cryptology and - photo 2

FORMAL MODELS AND TECHNIQUES FOR ANALYZING SECURITY PROTOCOLS Cryptology and Information Security Series The Cryptology & Information Security Series (CISS) presents the latest research results in the theory and practice, analysis and design, implementation, application and experience of cryptology and information security techniques. It covers all aspects of cryptology and information security for an audience of information security researchers with specialized

technical backgrounds.

Coordinating Series Editors: Raphael C.-W. Phan and Jianying Zhou Series editors

Feng Bao, Institute for Infocomm Research, Singapore Nasir Memon, Polytech University, USA Kefei Chen, Shanghai Jiaotong University, China Chris Mitchell, RHUL, United Kingdom Robert Deng, SMU, Singapore David Naccache, cole Normale Sup rieure, France Yevgeniy Dodis, New York University, USA Gregory Neven, IBM Research, Switzerland Dieter Gollmann, TU Hamburg-Harburg, Germany Phong Nguyen, CNRS / cole Normale Suprieure, France Markus Jakobsson, Indiana University, USA Andrew Odlyzko, University of Minnesota, USA Marc Joye, Thomson R&D, France Adam Young, MITRE Corporation, USA Javier Lopez, University of Malaga, Spain Moti Yung, Columbia University, USA

Volume 5

Recently published in this series

Vol. 4. Y. Li and J. Zhou (Eds.), Radio Frequency Identification System Security RFIDsec10 Asia Workshop Proceedings

Vol. 3. C. Czosseck and K. Geers (Eds.), The Virtual Battlefield: Perspectives on Cyber Warfare

Vol. 2. M. Joye and G. Neven (Eds.), Identity-Based Cryptography Vol. 1. J. Lopez and J. Zhou (Eds.), Wireless Sensor Network Security

ISSN 1871-6431 (print)

ISSN 1879-8101 (online)

Formal Models and Techniques for Analyzing Security Protocols

Edited by

Vronique Cortier

CNRS

and

Steve Kremer

INRIA

Picture 3

Amsterdam Berlin Tokyo Washington, DC

2011 The authors and IOS Press.

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, without prior written permission from the publisher. ISBN 978-1-60750-713-0 (print)

ISBN 978-1-60750-714-7 (online)

Library of Congress Control Number: 2011923591

Publisher

IOS Press BV

Nieuwe Hemweg 6B

1013 BG Amsterdam

The Netherlands

fax: +31 20 687 0019

e-mail: order@iospress.nl

Distributor in the USA and Canada

IOS Press, Inc.

4502 Rachael Manor Drive

Fairfax, VA 22032

USA

fax: +1 703 323 3668

e-mail: iosbooks@iospress.com

LEGAL NOTICE

The publisher is not responsible for the use which might be made of the following information. PRINTED IN THE NETHERLANDS

Formal Models and Techniques for Analyzing Security Protocols v

V. Cortier and S. Kremer (Eds.)

IOS Press, 2011

2011 The authors and IOS Press. All rights reserved.

Preface

Security protocols are small distributed programs which aim to achieve security proper-ties such as confidentiality, authentication, anonymity, etc. Nowadays, security proto-cols are omnipresent in our daily lives: home-banking, electronic commerce, mobile phones, etc. However, because these protocols are generally implemented on poten-tially insecure networks (e.g. the Internet) they are extremely difficult to devise. Using Roger Needhams words Security protocols are three line programs that people still manage to get wrong. Based on the seminal work of Dolev and Yao, symbolic meth-ods for analyzing such protocols have been in development for about 25 years. The main components of these models are the perfect cryptography assumption and an un-bounded non-deterministic adversary that has complete control of the network.

The field of symbolic analysis of security protocols has seen significant advances during the last few years. We now have a better understanding of decidability and com-plexity questions and models with solid theoretical foundations have been developed together with proof techniques. Automated tools have also been designed and success-fully applied to numerous protocols, including industrial protocols, for the provision of security or the discovery of attacks, and models have been extended with algebraic properties in order to weaken the perfect cryptography assumption. Recently, even computational soundness results towards cryptographic models have been achieved.

However, the field was still missing a book which summarized the state-of-the-art of these advances. While we certainly do not pretend to give a complete overview of the field, which would be impossible in a single book, nevertheless, we believe that we have covered a representative sample of the ongoing work in this field, which is still very active. This book contains an introduction and 10 tutorial-like chapters on selected

topics, each written by a leading expert in the field of formal analysis of security proto-cols. We are extremely grateful to all the authors for their hard work and effort in pre-paring these chapters.

January 2011

Vronique Cortier and Steve Kremer

This page intentionally left blank

Contents

Preface v Vronique Cortier and Steve Kremer

Introduction 1 Vronique Cortier and Steve Kremer

Verifying a Bounded Number of Sessions and Its Complexity 13 Michael Rusinowitch and Mathieu Turuani

Constraint Solving Techniques and Enriching the Model with Equational Theories 35

Hubert Comon-Lundh, Stphanie Delaune and Jonathan K. Millen Analysing Security Protocols Using CSP 62

Gavin Lowe

Using Horn Clauses for Analyzing Security Protocols 86

Bruno Blanchet

Applied pi Calculus 112

Mark D. Ryan and Ben Smyth

Types for Security Protocols 143

Riccardo Focardi and Matteo Maffei

Protocol Composition Logic 182

Anupam Datta, John C. Mitchell, Arnab Roy and Stephan Hyeonjun Stiller Shapes: Surveying Crypto Protocol Runs 222

Joshua D. Guttman

Security Analysis Using Rank Functions in CSP 258

Steve Schneider

Computational Soundness The Case of Diffie-Hellman Keys 277 Emmanuel Bresson, Yassine Lakhnech, Laurent Mazar and Bogdan Warinschi

Author Index 303

This page intentionally left blank

Formal Models and Techn i ques for Analyz i ng Secur i ty Protocols

V . Cort i er and S . Kremer (Eds . )

IOS Press, 2011

2011 The authors and IOS Press . All r i ghts reserved .

do i :10 . 3233/978-1-60750-714-7-1

Introduction

Vronique CORTIER a and Steve KREMER b

a LORIA, CNRS

b LSV, ENS Cachan & CNRS & INRIA

Formal methods have shown their interest when developing critical systems, where safety or security is important. This is particularly true in the eld of security protocols. Such protocols aim at securing communications over a public network. Small aws in the development of such systems may cause important economical damages. Examples of security protocols include the Transport Layer Security (TLS) protocol and its prede-cessor, the Secure Sockets Layer (SSL). These protocols are typically used for guaran-teeing a secure connection to a web site in particular for secure payment over the Inter-net. Most web browsers display a small lock to indicate that you are executing a secure session using one of these protocols. Another emergent application of security protocol is electronic voting. For instance, in the 2007 national elections in Estonia the govern-ment offered the possibility to vote via the Internet. The development of such proto-cols is error-prone and aws are regularly discovered. For example, the SAML 2.0 Web Browser Single Sign-On authentication system developed by Google has recently been attacked. The Single Sign-On protocol allows a user to identify himself only once and then access to various applications (such as Gmail or Google calendar). While designing a formal model of this protocol, Armando et al [ACC + 08] discovered that a dishonest service provider could actually impersonate any of its users at another service provider. This aw has been corrected since. Those examples show the need of precise security guarantees when designing protocols. Moreover, the relatively small size of security pro-tocols makes the use of formal verication reasonable.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Formal Models and Techniques for Analyzing Security Protocols»

Look at similar books to Formal Models and Techniques for Analyzing Security Protocols. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Formal Models and Techniques for Analyzing Security Protocols»

Discussion, reviews of the book Formal Models and Techniques for Analyzing Security Protocols and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.