Inductive study of confidentiality: for everyone-Reference-Cited by-同舟云学术

Inductive study of confidentiality: for everyone

Published:2014-01 Issue:1 Volume:26 Page:3-36
ISSN:0934-5043
Container-title:Formal Aspects of Computing
language:en
Short-container-title:Form. Asp. Comput.

Author:

Bella Giampaolo¹²

Affiliation:

1. Software Technology Research Laboratory, De Montfort University, Leicester, UK

2. Dipartimento di Matematica e Informatica, Università di Catania, Viale A. Doria 6, I-95125, Catania, Italy

Abstract

Abstract The Inductive Method is among the most established tools to analyse security protocols formally. It has successfully coped with large, deployed protocols, and its findings are widely published. However, perhaps due to its embedding in a theorem prover or to the lack of tutorial publications, it is at times criticised to require super-specialised skills and hence to be rather impractical. This paper aims at showing that criticism to be stereotypical. It pursues its aim by presenting the first tutorial-style paper to using the Inductive Method. This paper cannot cover every aspect of the method. It focuses on a key one, that is how the Inductive Method treats one of the main goals of security protocols: confidentiality against a threat model. The treatment of that goal, which may seem elegant in the Inductive Method, in fact forms a key aspect of all protocol analysis tools, hence the paper motivation rises still. With only standard skills as a requirement, the reader is guided step by step towards design and proof of significant confidentiality theorems. These are developed against two threat models, the standard Dolev–Yao and a more up-to-date one, the General Attacker, the latter turning out particularly useful also for didactic purposes.

Publisher

Association for Computing Machinery (ACM)

Subject

Theoretical Computer Science,Software

Link

http://link.springer.com/content/pdf/10.1007/s00165-012-0246-3.pdf

Reference39 articles.

1. Arsac W Bella G Chantry X Compagna L (2009) Attacking each other. In: Proceedings of the 17th international workshop on security protocols (CIWSP’09). LNCS Series. Springer Berlin (in press)

2. Arsac W Bella G Chantry X Compagna L (2009) Validating security protocols under the general attacker. In: Degano P Viganò L (eds) Proceedings of the joint workshop on automated reasoning for security protocol analysis and issues in the theory of security (ARSPA-WITS’09). LNCS vol 5511. Springer Berlin pp 34–51

3. Multi-attacker protocol validation;Arsac W;Springer Int J Automa Reason,2010

4. Armando A Compagna L (2005) An optimized intruder model for SAT-based model-checking of security protocols. In: Proceedings of the workshop on automated reasoning for security protocol analysis (ARSPA’04). ENTCS vol 125. Elsevier Amsterdam pp 91–108

5. Armando A Carbone R Cuellar J Tobarra L Compagna L (2008) Formal analysis of saml 2.0 web browser single sign-on: breaking the saml-based single sign-on for google apps. In: Proceedings of FMSE. ACM Press New York

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. You Already Used Formal Methods but Did Not Know It;Formal Methods Teaching;2019

2. Automated type-based analysis of injective agreement in the presence of compromised principals;Journal of Logical and Algebraic Methods in Programming;2015-09

3. Towards Verifying Voter Privacy through Unlinkability;Lecture Notes in Computer Science;2013