Secure Pseudonymous Channels

  • Sebastian Mödersheim
  • Luca Viganò
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)


Channels are an abstraction of the many concrete techniques to enforce particular properties of message transmissions such as encryption. We consider here three basic kinds of channels—authentic, confidential, and secure—where agents may be identified by pseudonyms rather than by their real names. We define the meaning of channels as assumptions, i.e. when a protocol relies on channels with particular properties for the transmission of some of its messages. We also define the meaning of channels as goals, i.e. when a protocol aims at establishing a particular kind of channel. This gives rise to an interesting question: given that we have verified that a protocol P 2 provides its goals under the assumption of a particular kind of channel, can we then replace the assumed channel with an arbitrary protocol P 1 that provides such a channel? In general, the answer is negative, while we prove that under certain restrictions such a compositionality result is possible.


Security Protocol Secure Channel Attack State Honest Agent Insecure Channel 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Abadi, M., Fournet, C., Gonthier, G.: Secure Implementation of Channel Abstractions. Information and Computation 174(1), 37–83 (2002)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Andova, S., Cremers, C., Gjøsteen, K., Mauw, S., Mjølsnes, S., Radomirović, S.: A framework for compositional verification of security protocols. Information and Computation 206, 425–459 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Hankes Drielsma, P., Héam, P.-C., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Armando, A., Carbone, R., Compagna, L.: LTL Model Checking for Security Protocols. In: Proc. CSFW 2007, pp. 385–396. IEEE CS Press, Los Alamitos (2007)Google Scholar
  5. 5.
    AVISPA. Deliverable 2.3: The Intermediate Format (2003),
  6. 6.
    Backes, M., Pfitzmann, B., Waidner, M.: Secure asynchronous reactive systems, Cryptology ePrint Archive, Report 2004/082 (2004),
  7. 7.
    Bradner, S., Mankin, A., Schiller, J.: A framework for purpose built keys (PBK) (2003), draft-bradner-pbk-frame-06.txt (Work in Progress)
  8. 8.
    Bugliesi, M., Focardi, R.: Language based secure communication. In: Proc. CSFW 2008, pp. 3–16. IEEE Computer Society Press, Los Alamitos (2008)Google Scholar
  9. 9.
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: Proc. FOCS 2001, pp. 136–145. IEEE Computer Society Press, Los Alamitos (2001)Google Scholar
  10. 10.
    Cervesato, I., Jaggard, A.D., Scedrov, A., Tsay, J.-K., Walstad, C.: Breaking and fixing public-key Kerberos. Information and Computation 206, 402–424 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Cortier, V., Delaune, S.: Safely composing security protocols. Formal Methods in System Design 34(1), 1–36 (2009)CrossRefzbMATHGoogle Scholar
  12. 12.
    Datta, A., Derek, A., Mitchell, J.C., Pavlovic, D.: Secure protocol composition. In: Proc. FMSE 2003, pp. 11–23. ACM Press, New York (2003)Google Scholar
  13. 13.
    Delaune, S., Kremer, S., Ryan, M.D.: Composition of password-based protocols. In: Proc. CSFW 2008, pp. 239–251. IEEE Computer Society Press, Los Alamitos (2008)Google Scholar
  14. 14.
    Dierks, T., Allen, C.: RFC2246 – The TLS Protocol Version 1 (1999)Google Scholar
  15. 15.
    Dilloway, C., Lowe, G.: On the specification of secure channels. In: Proc. WITS 2007 (2007)Google Scholar
  16. 16.
    Guttman, J.D.: Authentication tests and disjoint encryption: a design method for security protocols. J. Comp. Sec. 4(12), 409–433 (2004)Google Scholar
  17. 17.
    Guttman, J.D.: Cryptographic protocol composition via the authentication tests. In: de Alfaro, L. (ed.) FOSSACS 2009, vol. 5504, pp. 303–317. Springer, Heidelberg (2009)Google Scholar
  18. 18.
    Hankes Drielsma, P., Mödersheim, S., Viganò, L., Basin, D.: Formalizing and analyzing sender invariance. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 80–95. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  19. 19.
    Heather, J., Lowe, G., Schneider, S.: How to prevent type flaw attacks on security protocols. In: Proc. CSFW 2000, pp. 217–244. IEEE CS Press, Los Alamitos (2000)Google Scholar
  20. 20.
    Johnson, D., Perkins, C., Arkko, J.: RFC3775–Mobility Support in IPv6 (2004)Google Scholar
  21. 21.
    Lowe, G.: A hierarchy of authentication specifications. In: Proc. CSFW 1997, pp. 31–43. IEEE CS Press, Los Alamitos (1997)Google Scholar
  22. 22.
    Lowe, G.: Casper: a Compiler for the Analysis of Security Protocols. J. Comp. Sec. 6(1), 53–84 (1998)MathSciNetGoogle Scholar
  23. 23.
    Maurer, U.M., Schmid, P.E.: A calculus for security bootstrapping in distributed systems. J. Comp. Sec. 4(1), 55–80 (1996)Google Scholar
  24. 24.
    Mödersheim, S.: Models and Methods for the Automated Analysis of Security Protocols. PhD Thesis, ETH Zurich, ETH Dissertation No. 17013 (2007)Google Scholar
  25. 25.
    Mödersheim, S.: Algebraic Properties in Alice and Bob Notation. In: Proc. Ares 2009; Full version: T. Rep. RZ3709, IBM Zurich Research Lab (2008),
  26. 26.
    Mödersheim, S., Viganò, L.: Secure Pseudonymous Channels (extended version). T. Rep. RZ3724, IBM Zurich Research Lab (2009),
  27. 27.
    Sprenger, C., Backes, M., Basin, D., Pfitzmann, B., Waidner, M.: Cryptographically Sound Theorem Proving. In: Proc. CSFW 2006, pp. 153–166. IEEE CS Press, Los Alamitos (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Sebastian Mödersheim
    • 1
  • Luca Viganò
    • 2
  1. 1.IBM Zurich Research LaboratorySwitzerland
  2. 2.Dep. of Computer ScienceUniversity of VeronaItaly

Personalised recommendations