Operational semantics and verification of security protocols [electronic resource]
- 作者: Cremers, Cas.
- 其他作者:
- 其他題名:
- Information security and cryptography
- 出版: Berlin, Heidelberg : Springer Berlin Heidelberg :Imprint: Springer
- 叢書名: Information security and cryptography
- 主題: Computer security , Computer networks--Security measures , Semantic computing. , Computer science , Data Structures, Cryptology and Information Theory. , Computer Systems Organization and Communication Networks. , Software Engineering/Programming and Operating Systems.
- ISBN: 9783540786368 (electronic bk.) 、 9783540786351 (paper)
-
FIND@SFXID:
CGU
- 資料類型: 電子書
- 內容註: Introduction -- Preliminaries -- Operational Semantics -- Security Properties -- Verification -- Multiprotocol Attacks -- Generalizing NSL for Multiparty Authentication -- Related Work -- Conclusions and Future Work -- Index.
- 摘要註: Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or modifying the messages. However, using cryptography is not enough to ensure their correctness. Combined with their typical small size, which suggests that one could easily assess their correctness, this often results in incorrectly designed protocols.The authors present a methodology for formally describing security protocols and their environment. This methodology includes a model for describing protocols, their execution model, and the intruder model. The models are extended with a number of well-defined security properties, which capture the notions of correct protocols, and secrecy of data. The methodology can be used to prove that protocols satisfy these properties. Based on the model they have developed a tool set called Scyther that can automatically find attacks on security protocols or prove their correctness. In case studies they show the application of the methodology as well as the effectiveness of the analysis tool.The methodology’s strong mathematical basis, the strong separation of concerns in the model, and the accompanying tool set make it ideally suited both for researchers and graduate students of information security or formal methods and for advanced professionals designing critical security protocols.
-
讀者標籤:
- 系統號: 005091127 | 機讀編目格式
館藏資訊
Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or modifying the messages. However, using cryptography is not enough to ensure their correctness. Combined with their typical small size, which suggests that one could easily assess their correctness, this often results in incorrectly designed protocols. The authors present a methodology for formally describing security protocols and their environment. This methodology includes a model for describing protocols, their execution model, and the intruder model. The models are extended with a number of well-defined security properties, which capture the notions of correct protocols, and secrecy of data. The methodology can be used to prove that protocols satisfy these properties. Based on the model they have developed a tool set called Scyther that can automatically find attacks on security protocols or prove their correctness. In case studies they show the application of the methodology as well as the effectiveness of the analysis tool. The methodology’s strong mathematical basis, the strong separation of concerns in the model, and the accompanying tool set make it ideally suited both for researchers and graduate students of information security or formal methods and for advanced professionals designing critical security protocols.