skip to main content
article

Accountability protocols: Formalized and verified

Published:01 May 2006Publication History
Skip Abstract Section

Abstract

Classical security protocols aim to achieve authentication and confidentiality under the assumption that the peers behave honestly. Some recent protocols are required to achieve their goals even if the peer misbehaves. Accountability is a protocol design strategy that may help. It delivers to peers sufficient evidence of each other's participation in the protocol. Accountability underlies the nonrepudiation protocol of Zhou and Gollmann and the certified email protocol of Abadi et al. This paper provides a comparative, formal analysis of the two protocols, and confirms that they reach their goals under realistic conditions. The treatment, which is conducted with mechanized support from the proof assistant Isabelle, requires various extensions to the existing analysis method. A byproduct is an account of the concept of higher-level protocol.

References

  1. Abadi, M. and Blanchet, B. 2003. Computer-assisted verification of a protocol for certified email. In Static Analysis, 10th International Symposium (SAS'03), R. Cousot, Ed. Lecture Notes in Comp. Sci., vol. 2694. Springer-Verlag, New York. 316--335.]]Google ScholarGoogle Scholar
  2. Abadi, M., Glew, N., Horne, B., and Pinkas, B. 2002. Certified email with a light on-line trusted third party: Design and implementation. In Proceedings of the 11th International Conference on Wold Wide Web (WWW-02). ACM Press, New York and Addison Wesley, Reading, MA.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Asokan, N., Shoup, V., and Waidner, M. 1998a. Asynchronous protocols for optimistic fair exchange. In Proc. of the 17th IEEE Sym. on Sec. and Privacy. IEEE Comp. Society Press, New York. 86--99.]]Google ScholarGoogle Scholar
  4. Asokan, N., Shoup, V., and Waidner, M. 1998b. Asynchronous protocols for optimistic fair exchange. In Proc. of the 17th IEEE Sym. on Sec. and Privacy. IEEE Comp. Society Press.]]Google ScholarGoogle Scholar
  5. Bella, G. 2000. Inductive Verification of Cryptographic Protocols. Ph.D. thesis, Research Report 493, Computer Laboratory, University of Cambridge. An extended version to appear as a Monograph by Springer-Verlag.]]Google ScholarGoogle Scholar
  6. Bella, G. 2003. Inductive verification of smart card protocols. J. Comp. Sec. 11, 1, 87--132.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Bella, G., Longo, C., and Paulson, L. C. 2003. Verifying second-level security protocols. In Theorem proving in higher order logics: TPHOLs 2003, D. Basin and B. Wolff, Eds. LNCS 2758. Springer-Verlag, New York. 352--366.]]Google ScholarGoogle Scholar
  8. Bella, G. and Paulson, L. C. 2001. Mechanical proofs about a nonrepudiation protocol. In Theorem proving in higher order logics: TPHOLs 2001, R. J. Boulton and P. B. Jackson, Eds. Lecture Notes in Comp. Sci., vol. 2152. Springer-Verlag, New York. 91--104.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Blanchet, B. 1998. An efficient cryptographic protocol verifier based on Prolog rules. In Proc. of the 14th IEEE Comp. Sec. Found. Workshop. IEEE Comp. Society Press.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Burrows, M., Abadi, M., and Needham, R. M. 1989. A logic of authentication. Proceedings of the Royal Society of London 426, 233--271.]]Google ScholarGoogle ScholarCross RefCross Ref
  11. Cohen, E. 2000. TAPS: A first-order verifier for cryptographic protocols. In Proc. of the 13th IEEE Comp. Sec. Found. Workshop. IEEE Comp. Society Press. 144--158.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Deng, R. H., Gong, L., Lazar, A. A., and Wang, W. 1996. Practical protocols for certified electronic mail. Journal of Network and System Management 4, 3, 279--297.]]Google ScholarGoogle ScholarCross RefCross Ref
  13. Fábrega, F. J. T., Herzog, J. C., and Guttman, J. D. 1998. Strand Spaces: Why is a Security Protocol Correct? In Proc. of the 17th IEEE Sym. on Sec. and Privacy. IEEE Comp. Society Press.]]Google ScholarGoogle ScholarCross RefCross Ref
  14. Gürgens, S. and Rudolph, C. 2002. Security analysis of (un-) fair non-repudiation protocols. In Formal Aspects of Security, A. Abdallah, P. Ryan, and S. Schneider, Eds. Technical Report CSD-TR-02-13.]]Google ScholarGoogle Scholar
  15. Mastercard & VISA 1997. SET Secure Electronic Transaction Specification: Business Description. Mastercard & VISA. On the Internet at http://www.setco.org/set_specifications.html.]]Google ScholarGoogle Scholar
  16. Nenadic, A., Zhang, N., and Barton, S. 2004. Fair certified e-mail delivery. In Proc. of the 18th ACM Symposium on Applied Computing (ACM SAC'04). ACM Press, New York and Addison Wesley, Reading, MA. 391--396.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Nipkow, T., Paulson, L. C., and Wenzel, M. 2002. Isabelle/HOL: A Proof Assistant for Higher-Order Logic. Springer. LNCS Tutorial 2283.]]Google ScholarGoogle Scholar
  18. Paulson, L. C. 1998. The inductive approach to verifying cryptographic protocols. J. Comp. Sec. 6, 85--128.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Ryan, P. Y. A. and Schneider, S. A. 2000. The Modelling and Analysis of Security Protocols: the CSP Approach. Addison Wesley, Reading, MA.]]Google ScholarGoogle Scholar
  20. Schneider, S. 1998. Formal analysis of a nonrepudiation protocol. In 11th Computer Security Foundations Workshop. IEEE Computer Society Press. 54--65.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. VISA 2002. 3-D Secure Introduction. VISA. On the Internet at http://international.visa.com/fb/paytech/secure/pdfs/3DS_70001-01_Intro%duction_v1.0.2.pdf.]]Google ScholarGoogle Scholar
  22. Zhou, J. and Gollmann, D. 1996. A fair nonrepudiation protocol. In Symposium on Security and Privacy. IEEE Computer Society.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Zhou, G. and Gollmann, D. 1998. Towards verification of nonrepudiation protocols. In International Refinement Workshop and Formal Methods Pacific, J. Grundy, M. Schwenke, and T. Vickers, Eds. Springer-Verlag, New York. 370--380.]]Google ScholarGoogle Scholar

Index Terms

  1. Accountability protocols: Formalized and verified

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!