Chao Feng,Yuebing Chen,Quan Zhang,Chaojing Tang

DOI: https://doi.org/10.1109/iccsit.2010.5565119

2010-01-01

Abstract:This paper presents a logic for signature-based security protocols. We propose an object-oriented model for the execution of security protocols, where protocol roles are modeled as classes and the programs executed by them are modeled as member functions. Unlike most of the formal verification logics, our logic is closer to the cryptography used in security protocols, and can formalize and utilize the different security levels of public-key signature schemes. We demonstrate the power of the logic by verifying the standard signature-based challenge-response protocol using signature algorithms with different security notions.

LIU Ying-jie,YAO Zheng-an

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.23.057

2007-01-01

Abstract:This paper presents a new logic which can be used to analyze security protocols.There is no necessity to idealize protocols when analyzing authentication protocols,which can avoid analysis errors caused by informal idealization.The new logic can be used to analyze accountability and fairness in electronic commerce protocols including the real-world protocols.The process of analyzing protocols is concise and can be implemented automatically.

余荣威,王丽娜,匡波

DOI: https://doi.org/10.3321/j.issn:1000-436x.2008.10.004

2008-01-01

Journal of Communications

Abstract:By the introduction of the natural law of survival of the fittest,an improved method of automatically designing cryptographic protocols was proposed.This method regards BAN-like logic as a basic tool to describe them,construct a fitness function to assess the performance of individuals systematically in order to reach the best solutions.The result shows the method can assure correctness and security of the designed protocol.Furthermore,it has a strong feasibility and applicability.

Chao-jing TANG,Zhi-yong LU,Chao FENG

DOI: https://doi.org/10.3969/j.issn.0372-2112.2014.06.022

2014-01-01

Abstract:This paper proposes a logic for verifying security protocols in the computational model ,which can describe the computation and communication actions precisely .We present a cryptographically sound proof system on the logic and can formalize the various security properties for encryption algorithms directly .During the research ,several unsoundness of the formalization with the computational protocol compositional logic in prior work is discovered ,and corresponding solutions are proposed .By proving the security properties for the Needham-Schroeder-Lowe protocol ,the power of the logic is demonstrated .Being different from most of the current verification approaches ,this logic reasons about the security of protocols from the security of cryptographic algorithms forwardly ,and is both easy to use and cryptographically sound .

Michael Burrows,Martin Abadi,Roger Needham

DOI: https://doi.org/10.1145/77648.77649

1990-02-01

ACM Transactions on Computer Systems

Abstract:Authentication protocols are the basis of security in many distributed systems, and it is therefore essential to ensure that these protocols function correctly. Unfortunately, their design has been extremely error prone. Most of the protocols found in the literature contain redundancies or security flaws. A simple logic has allowed us to describe the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication. We have been able to explain a variety of authentication protocols formally, to discover subtleties and errors in them, and to suggest improvements. In this paper we present the logic and then give the results of our analysis of four published protocols, chosen either because of their practical importance or because they serve to illustrate our method.

computer science, theory & methods

张玉清,吴建平,李星

DOI: https://doi.org/10.3321/j.issn:1000-0054.2002.01.028

2002-01-01

Abstract:BAN (Burrows, Abadi and Needham) like logic can aid the design, analysis, and verification of cryptographic protocols used over open networks and distributed systems. This paper introduces BAN like logic and then illustrates the limitations of BAN logic on protocol idealization as a survey of the current state of BAN like logic. The conclusions are that BAN like logic is still one of the main tools for analysis of cryptographic protocols, but protocol idealization is the fatal weakness of BAN like logic. Suggestions are then made for future work. These conclusions will facilitate the development of formal methods for the analysis and design of cryptographic protocols.

Y Lee,XY Chen,XQ Tong,JZ Luo

DOI: https://doi.org/10.1109/tencon.2002.1181249

2002-01-01

Abstract:The security of communication protocols needs to be considered in a distributed network system, and the formal analysis is one of most important methods in evaluating the security of a protocol. However there is a lack of effective formal analysis tools in analyzing the security of a protocol. In this paper we raise a formal logic used for analyzing security of a protocol, the Select Accept Dynamic Logic. and describe successfully the attack act to the communication protocols - the TMN (Tatebayashi et al. (1990)) protocol and the Needham-Schroeder (1978) protocol - with this logic. The Select Accept Dynamic Logic will provide a new effective tool for the analysis of protocols.

MY Mao,ZC Chen,HC He

DOI: https://doi.org/10.1109/icmlc.2005.1527381

2005-01-01

Abstract:In these years, universal logic has developed greatly. As a kind of concrete universal logic, authentic logic is used to analyze the security of cryptographic protocols. This paper firstly puts forward relational conceptions and gives the structure's expression of object-oriented universal logic. Then authors analyze the logic structure's expression of authentic logic with the example: BAN logic. Using the conceptions of general correlation and general self-correlation, authors discuss the applicability and correlation of authentic logic. This work can contribute to perfecting authentic logic in artificial intelligence reasoning, and offering a new expression way of universal logic.

LI Song,WANG Lina,YU Rongwei,KUANG Bo

DOI: https://doi.org/10.3321/j.issn:1671-8836.2009.01.020

2009-01-01

Abstract:By introducing of the natural law of survival of the fittest,an improved method of automatically designing cryptographic protocols is proposed.This method applies SVO logic as a basic tool to describe protocols,constructs a fitness function to assess the performance of individuals systematically and designs a key agreement protocol to meet the corresponding objectives for security.The result shows that: as the generation,the protocol has been verified concurrently when it is generated,to ensure its correctness and security.So the method has a strong feasibility and applicability.

Luo JunZhou,Yang Ming

DOI: https://doi.org/10.1007/s11432-007-0015-8

2007-01-01

Science in China Series F Information Sciences

Abstract:Security protocol is specified as the procedure of challenge-response, which uses applied cryptography to confirm the existence of other principals and fulfill some data negotiation such as session keys. Most of the existing analysis methods, which either adopt theorem proving techniques such as state exploration or logic reasoning techniques such as authentication logic, face the conflicts between analysis power and operability. To solve the problem, a new efficient method is proposed that provides SSM semantics-based definition of secrecy and authentication goals and applies authentication logic as fundamental analysis techniques, in which secrecy analysis is split into two parts: Explicit-information-Leakage and Implicit-Information-Leakage, and correspondence analysis is concluded as the analysis of the existence relationship of Strands and the agreement of Strand parameters. This new method owns both the power of the Strand Space Model and concision of authentication logic.

Fusheng Wu,Jinhui Liu,Yanbing Li,Mingtao Ni

2023-11-01

Abstract:The pi calculus is a basic theory of mobile communication based on the notion of interaction, which, aimed at analyzing and modelling the behaviors of communication process in communicating and mobile systems, is widely applied to the security analysis of cryptographic protocol's design and implementation. But the pi calculus does not provide perfect logic security analysis, so the logic flaws in the design and the implementation of a cryptographic protocol can not be discovered in time. The aim is to analyze whether there are logic flaws in the design and the implementation of a cryptographic protocol, so as to ensure the security of the cryptographic protocol when it is encoded into a software and implemented. This paper introduces logic rules and proofs, binary tree and the KMP algorithm, and proposes a new extension the pi calculus theory, a logic security analysis framework and an algorithm. This paper presents the logic security proof and analysis of TLS1.3 protocol's interactional implementation process. Empirical results show that the new extension theory, the logic security analysis framework and the algorithm can effectively analyze whether there are logic flaws in the design and the implementation of a cryptographic protocol. The security of cryptographic protocols depends not only on cryptographic primitives, but also on the coding of cryptographic protocols and the environment in which they are implemented. The security analysis framework of cryptographic protocol implementation proposed in this paper can ensure the security of protocol implementation.

Cryptography and Security,Logic in Computer Science

Jingbo Ni,Xining Li,Lei Song

DOI: https://doi.org/10.5220/0002508604610464

2005-01-01

Abstract:Mobile Agent system creates a new way for sharing distributed resources and providing multi-located services. With the idea of moving calculations towards resources, it occupies less network traffics than the traditional Client/Server model and achieves more flexibilities than the Remote Procedure Call (RPC) architecture. In order to endow agents with the ability of accessing remote data resources, in this paper we present the design strategies of the Database Interface between a logic programming language based Mobile Agent system and a remote DBMS.

Chen-Xiao MAO,Wen-Jian LUO,Xu-Fa WANG

DOI: https://doi.org/10.3321/j.issn:0254-4164.2007.06.006

2007-01-01

Jisuanji Xuebao/Chinese Journal of Computers

Abstract:In the field of security protocol formal verification, it is a new challenge to analyze security protocol guessing attacks. CKT5 logic, used as the base, is significantly extended in several aspects. Both public key cryptography and Vernam encryption are added to symmetric key cryptography of the original logic, which makes it more powerful in expressing security protocols. Perfect encryption hypothesis is not obeyed any more, and a series of definitions and rules are given to allow principals to guess and verify passwords. Theorems and lemmas given in this paper can describe features of on-line guessing attacks, and simplify the analysis procedure of guessing attacks. The extended logic can be used to analyze guessing attacks on security protocols including on-line guessing attacks.

宋震,张艳,李舟军,陈火旺

DOI: https://doi.org/10.3969/j.issn.1002-137X.2003.08.007

2003-01-01

Computer Science

Abstract:Security protocols use cryptography system to complete the tasks of principal identity authentication andseccion key distribution. The correctness of security protocols is of vital importance to ensure the security of the Inter-net application. Formal methods have been proved to be a valid approach to analyze and verify security protocols. Thispaper briefly introduces the three main styles in the field of security protocol analysis and their representative work.After that,it points out the future deveopment direction.

石曙东,李之棠

DOI: https://doi.org/10.3969/j.issn.1000-1220.2004.12.031

2004-01-01

Abstract:Proposed a new framework is for the analysis of secure protocols. Comparing to the framework proposed by Kailar, it has some improvements. Firstly, it can analyze accountability of protocols . Secondly, it can analyze fairness of protocols efficiently. At last, by introducing the cipher text understanding rule the new framework can analyze the message that includes signed cipher text.

YANG Ming,LUO Jun-zhou

DOI: https://doi.org/10.3321/j.issn:1000-436x.2006.07.007

2006-01-01

Journal of Communications

Abstract:Cryptographic protocol was specified as the procedure of challenge and response using cryptography, not only to confirm the existence of other principals but also to negotiate about some data such as session keys. Applying the idea and some authentication logic results, a new efficient method that provided SSM semantics-based definition of authentication goal was proposed, which summed up correspondence analysis as the analysis of the existence relationship of strands and the consistence of strand parameters.

Jinpeng Huai,Xianxian Li,Wenyi Zhang,Jun Han,Yongzhen Zhuang

DOI: https://doi.org/10.1109/sutc.2006.18

2006-01-01

Abstract:The semantic gap between formal software protocols and designs is one of the major problems restricting smooth transfer of a formal method from protocols towards designs. Goal operationalization is an essential approach to address this issue. KAOS is one of the main protocol languages supporting goal operationalization. However, agents, goals and operations provided in KAOS lack for unified semantic descriptions. In this paper, we propose an agent model, which can unify the operations on agent structure (state) and events of BDI model, and extend their syntax and semantics. An advanced goal operationalized protocol model (GOP model) is built to unify the descriptions of agents, goals and operations. Using a dual agent, we can describe the operation as an operator in the state relationship between an agent and a dual agent. We set up a structure model of the agent attribute field based on a multi-sorted algebra, which can join an operator described in GOP model with structure properties of the sublevel attribute fields. Therefore, the operation model of a single field atom can be adopted to deal with the goal operation of all atoms in an attribute field. Our work is demonstrated to be theoretically significant and practically valuable.

NING Xiao-jun,HUANG Liu-sheng,ZHOU Zhi

2005-01-01

Abstract:Cryptographic protocol is one of the important ways of constructing safe internet environment and protecting the safety of information systems.However,it is very difficult to analyze its limitation and unclose the intrusion.In this article,an automatic cryptographic protocol analysis was put forward,based on object submission and information model inspection by synthesizing the cryptographic protocol analysis based on logic and model matching,and further analysis on public-key protocol of Need-Schroeder(NS) was made.

刘政,赵保华,屈玉贵

DOI: https://doi.org/10.3321/j.issn:1000-436x.2004.03.012

2004-01-01

Abstract:The cryptographic protocol should always satisfy security properties, so the formal specification should give the corresponding proof method. The traditional methods may not be suitable for description or not suitable for verification. In this paper, we introduce temporal logic operator into Construct Categorical Algebra for specification and verification of cryptographic protocol, we modeling both the protocol and the intruder, and deduce its security property with the use of temporal logic. With its application on Equicrypt protocol, we conclude that its an effective method on description and verification of cryptographic protocol.

Yong Ding

1999-01-01

Journal of Software

Abstract:Formal methods and tools are key aspects for the analysis of cryptographic protocols. In this paper, aformal language PEP (principals + environment = protocol ) for the specification of cryptograph is proposed. For some cryptographic protocols, their PEP specifications can be translated into finite basic CCSprocesses, so it is possible to analyze the security properties using CCS-based tools such as CWB (concurrencyworkbench). The advantage of the mothod proposed in this paper is that the actions of the attacker can beimplicitly specified, and if the potential back door of the protocol analyzed exists, the attacking action trace can beexplicitly found out by model checker.