Abstract
A process following a security protocol is represented by a formal proof (of a fragment of linear logic based on the multiset rewriting model), modifying the idea by Cervesato-Durgin-Lincoln-Mitchell- Scedrov [4], while the (modified) BAN logic (which was first introduced by Burrows-Abadi-Needham [2]) is used as an evaluation semantics on security-properties for processes. By this method, we can get rid of the so called “idealization” step in the verification procedure of the BAN framework. In particular, we classify BAN-style belief-inferences into two categories; the inferences which only require some syntactic structure of a process observed by a participant on one hand, and the inferences which require a participant’s knowledge on the structure of a protocol and a certain honesty assumption.We call the latter the honesty inferences.We shall show how such honesty inferences are used in the evaluation semantics for the security verification. We also point out that the evaluation inferences on freshness of nonces/keys/messages are classified as in the first category but that some of such inferences lack the information how to evaluate due to the lack of a certain concrete time-constraint setting. We introduce a natural time-constraint setting in our process/protocol descriptions and enrich the expressive power of the freshness evaluation.
This work was partly supported by Grants-in-Aid for Scientific Research of MEXT, Center of Excellence of MEXT on Humanity Sciences (Keio University), the Japan- US collaborative research program of JSPS-NSF, Oogata-kenkyuu-jyosei grant (Keio University) and Global Security Center grant (Keio University). The first author was also supported by Fellowship for Japanese Junior Scientists from Japan Society for the Promotion of Science.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
C. Boyd and W. Mao. On a Limitation of BAN Logic. LNCS Vol. 765, Eurocrypt’ 93, edited by T. Helleseth, pp. 240–247, 1993.
M. Burrows, M. Abadi and R. Needham. A Logic of Authentication. Technical Report 39, Digital System Research Center, 1989.
F. Butler, I. Cervesato, A. Jaggard, and A. Scedrov. A formal analysis of some properties of Kerberos 5 using MSR. In: S. Schneider, ed., 15-th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June, 2002, IEEE Computer Society Press, 2002, pp. 175–190.
I. Cervesato, N.A. Durgin, P.D. Lincoln, J.C. Mitchell and A. Scedrov. A metanotation for protocol analysis. 12th IEEE Computer Security Foundations Workshop, 1999.
J. Clark and J. Jacob. A Survey of Authentication Protocol Literature: Version 1.0 (web draft).
N.A. Durgin, P.D. Lincoln, J.C. Mitchell and A. Scedrov. Undecidability of bounded security protocol. The 1999 Federated Logic Conference (FLoC’ 99), 11 pages, 1999.
N. Durgin, J. Mitchell, and D. Pavlovic. A Compositional Logic for Protocol Correctness. In:S. Schneider, ed., 14-th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June, 2001, IEEE Computer Society Press
J.-Y. Girard. Linear Logic. Theoretical Computer Science, Vol. 50, pp. 1–102, 1987.
L. Gong, R. Needham and R. Yahalom. Reasoning About Belief in Cryptographic Protocols. Proceedings 1990 IEEE Symposium on Research in Security and Privacy, pp. 234–248, 1990.
G. Lowe. An Attack on the Needham-Schroeder Public Key Authentication Protocol. Information Processing Letters, 56 (3), pp. 131-136, 1995.
R. Needham and M. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM pp. 993–999, 1978.
M. Kanovich, M. Okada and A. Scedrov. Specifying Real-Time Finite-State Systems in Linear Logic. Proc. International Workshop on Time-Sensitive Constraint Programming and Electronic Notes of Theoretical Computer Science 16, No. 1, 14 pages, 1998.
M. Okada and K. Hasebe Logical Verifications for Security Protocols Based on Linear Logic. (in Japanese) Technical report of IEICE, 102(91), pp. 49–54, 2002.
P. Syverson. A taxonomy of replay attacks. Proceedings of the Computer Security Foundations Workshop (CSFW7), pp. 187–191, 1994.
P. Syverson and P. C. van Oorschot. A unified cryptographic protocol logic. NRL Publications, 5540–227, Naval Research Lab, 1996.
P. Syverson and I. Cervesato. The Logic of Authentication Protocols. Lecture Notes in Computer Science, Vol. 2171, pp. 63–136, 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hasebe, K., Okada, M. (2003). A Logical Verification Method for Security Protocols Based on Linear Logic and BAN Logic. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_24
Download citation
DOI: https://doi.org/10.1007/3-540-36532-X_24
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00708-1
Online ISBN: 978-3-540-36532-7
eBook Packages: Springer Book Archive