Article

Analysis of Typed Analyses of Authentication Protocols

Authors:

Michele Bugliesi,

Riccardo Focardi,

Matteo MaffeiAuthors Info & Claims

CSFW '05: Proceedings of the 18th IEEE workshop on Computer Security Foundations

Pages 112 - 125

https://doi.org/10.1109/CSFW.2005.8

Published: 20 June 2005 Publication History

Publisher Site

Abstract

This paper contrasts two existing type-based techniques for the analysis of authentication protocols. The former, proposed by Gordon and Jeffrey, uses dependent types for nonces and cryptographic keys to statically regulate the way that nonces are created and checked in the authentication exchange. The latter, proposed by the authors, relies on a combination of static and dynamic typing to achieve similar goals. Specifically, the type system employs dependent ciphertext types to statically define certain tags that determine the typed structure of the messages circulated in the authentication exchange. The type tags are then checked dynamically to verify that each message has the format expected at the corresponding step of the authentication exchange. This paper compares the two approaches, drawing on a translation of tagged protocols, validated by our system, into protocols that type check with Gordon and Jeffreyýs system. This translation gives new insight into the trade-offs between the two techniques, and on their relative expressiveness and precision. In addition, it allows us to port verification techniques from one setting to the other.

Cited By

View all

Backes MHriţcu CMaffei M(2018)Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementationsJournal of Computer Security10.5555/2595841.259584522:2(301-353)Online publication date: 24-Dec-2018
https://dl.acm.org/doi/10.5555/2595841.2595845
Cortier VGrimm NLallemand JMaffei MThuraisingham BEvans DMalkin TXu D(2017)A Type System for Privacy PropertiesProceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security10.1145/3133956.3133998(409-423)Online publication date: 30-Oct-2017
https://dl.acm.org/doi/10.1145/3133956.3133998
Bugliesi MCalzavara SEigner FMaffei M(2015)Affine Refinement Types for Secure Distributed ProgrammingACM Transactions on Programming Languages and Systems10.1145/274301837:4(1-66)Online publication date: 13-Aug-2015
https://dl.acm.org/doi/10.1145/2743018
Show More Cited By

Index Terms

Analysis of Typed Analyses of Authentication Protocols

Recommendations

Specifying Privacy-Preserving Protocols in Typed MSR

Privacy-preserving protocols, such as electronic cash, electronic voting and selective disclosure protocols, use special message constructors that are not widely used in other types of protocols (for example, in authentication protocols). These message ...
Efficient Non-interactive Deniable Authentication Protocols
CIT '05: Proceedings of the The Fifth International Conference on Computer and Information Technology

Deniable authentication protocol is an authentication protocol that allows a sender to authenticate a message for a receiver, in a way that the receiver cannot convince a third party that such authentication ever took place. In recent years, due to the ...
Fully Deniable Message Authentication Protocols Preserving Confidentiality

Although the objective of secure communication can be achieved by using cryptographic tools, the undeniability that results from cryptographic properties may create a potential threat to the sender of the message. Unfortunately, most existing deniable ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CSFW '05: Proceedings of the 18th IEEE workshop on Computer Security Foundations

June 2005

290 pages

ISBN:0769523404

Publisher

IEEE Computer Society

United States

Publication History

Published: 20 June 2005

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 26 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Backes MHriţcu CMaffei M(2018)Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementationsJournal of Computer Security10.5555/2595841.259584522:2(301-353)Online publication date: 24-Dec-2018
https://dl.acm.org/doi/10.5555/2595841.2595845
Cortier VGrimm NLallemand JMaffei MThuraisingham BEvans DMalkin TXu D(2017)A Type System for Privacy PropertiesProceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security10.1145/3133956.3133998(409-423)Online publication date: 30-Oct-2017
https://dl.acm.org/doi/10.1145/3133956.3133998
Bugliesi MCalzavara SEigner FMaffei M(2015)Affine Refinement Types for Secure Distributed ProgrammingACM Transactions on Programming Languages and Systems10.1145/274301837:4(1-66)Online publication date: 13-Aug-2015
https://dl.acm.org/doi/10.1145/2743018
Cortier VEigner FKremer SMaffei MWiedling C(2015)Type-Based Verification of Electronic Voting ProtocolsProceedings of the 4th International Conference on Principles of Security and Trust - Volume 903610.1007/978-3-662-46666-7_16(303-323)Online publication date: 11-Apr-2015
https://dl.acm.org/doi/10.1007/978-3-662-46666-7_16
Bugliesi MCalzavara SEigner FMaffei M(2012)Affine Refinement Types for Authentication and AuthorizationRevised Selected Papers of the 7th International Symposium on Trustworthy Global Computing - Volume 819110.1007/978-3-642-41157-1_2(19-33)Online publication date: 7-Sep-2012
https://dl.acm.org/doi/10.1007/978-3-642-41157-1_2
Dahl MKobayashi NSun YHüttel H(2011)Type-based automated verification of authenticity in asymmetric cryptographic protocolsProceedings of the 9th international conference on Automated technology for verification and analysis10.5555/2050917.2050926(75-89)Online publication date: 11-Oct-2011
https://dl.acm.org/doi/10.5555/2050917.2050926
Blanchet B(2009)Automatic verification of correspondences for security protocolsJournal of Computer Security10.5555/1576303.157630417:4(363-434)Online publication date: 1-Dec-2009
https://dl.acm.org/doi/10.5555/1576303.1576304
Cirillo ARiely J(2007)Access control based on code identity for open distributed systemsProceedings of the 3rd conference on Trustworthy global computing10.5555/1793574.1793589(169-185)Online publication date: 5-Nov-2007
https://dl.acm.org/doi/10.5555/1793574.1793589
Bugliesi MFocardi RMaffei M(2007)Dynamic types for authenticationJournal of Computer Security10.5555/1370677.137068315:6(563-617)Online publication date: 1-Dec-2007
https://dl.acm.org/doi/10.5555/1370677.1370683
Backes MCortesi AFocardi RMaffei MNing PAtluri VGligor VMantel H(2007)A calculus of challenges and responsesProceedings of the 2007 ACM workshop on Formal methods in security engineering10.1145/1314436.1314444(51-60)Online publication date: 2-Nov-2007
https://dl.acm.org/doi/10.1145/1314436.1314444
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Specifying Privacy-Preserving Protocols in Typed MSR

Efficient Non-interactive Deniable Authentication Protocols

Fully Deniable Message Authentication Protocols Preserving Confidentiality

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations