Information Security Applications

Security protocols are very vulnerable to design errors. Thus many techniques have been proposed for validating the correctness of security protocols. Among these, general model checking is one of the preferred methods. Using tools such as Murφ, model checking can be performed automatically. Thus protocol designers can use it even if they are not proficient in formal techniques. Although this is an attractive approach, state space explosion prohibits model checkers from validating secure protocols with a significant number of communicating participants. In this paper, we propose “model checking with pre-configuration” which is a “divide-and-conquer” approach that reduces the amount of memory needed for verification. The verification time is also reduced since the method permits the use of symmetry more effectively in model checking. The performance of the method is shown by checking the NeedhamSchroeder-Lowe Public-Key protocol using Murφ.

[1]  N. Asokan,et al.  Asynchronous protocols for optimistic fair exchange , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[2]  Kazuo Ohta,et al.  How to simultaneously exchange secrets by general assumptions , 1994, CCS '94.

[3]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[4]  Robert H. Deng,et al.  Evolution of Fair Non-repudiation with TTP , 1999, ACISP.

[5]  Matthew K. Franklin,et al.  Secure Group Barter: Multi-party Fair Exchange with Semi-Trusted Neutral Parties , 1998, Financial Cryptography.

[6]  Ernest F. Brickell,et al.  Gradual and Verifiable Release of a Secret , 1987, CRYPTO.

[7]  Holger Vogt Asynchronous Optimistic Fair Exchange Based on Revocable Items , 2003, Financial Cryptography.

[8]  Tom Tedrick,et al.  How to Exchange Half a Bit , 1983, CRYPTO.

[9]  Silvio Micali,et al.  A fair protocol for signing contracts , 1990, IEEE Trans. Inf. Theory.

[10]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[11]  Felix C. Freiling,et al.  Supporting Fair Exchange in Mobile Environments , 2003, Mob. Networks Appl..

[12]  Silvia Giordano,et al.  The Terminodes Project: Towards Mobile Ad-Hoc WAN , 1999 .

[13]  Felix C. Freiling,et al.  Approaching a formal definition of fairness in electronic commerce , 1999, Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems.

[14]  Jianying Zhou,et al.  An Intensive Survey of Non-Repudiation Protocols , 2002 .

[15]  Michael O. Rabin,et al.  Transaction Protection by Beacons , 1983, J. Comput. Syst. Sci..

[16]  David A. Wheeler More Than a Gigabuck: Estimating GNU/Linux''s Size , 2002, WWW 2002.

[17]  Olivier Markowitch,et al.  Optimistic Fair Exchange with Transparent Signature Recovery , 2002, Financial Cryptography.

[18]  Felix C. Freiling,et al.  Using Smart Cards for Fair Exchange , 2001, WELCOM.

[19]  Ivan Damgård Practical and Provably Secure Release of a Secret and Exchange of Signatures , 1993, EUROCRYPT.

[20]  Rachid Guerraoui Revistiting the Relationship Between Non-Blocking Atomic Commitment and Consensus , 1995, WDAG.

[21]  Rachid Guerraoui,et al.  Non-blocking atomic commit in asynchronous distributed systems with failure detectors , 2002, Distributed Computing.

[22]  Matthias Schunter,et al.  Optimistic Protocols for Multi-Party Fair Exchange , 1996 .

[23]  Markus Jakobsson,et al.  Ripping Coins For a Fair Exchange , 1995, EUROCRYPT.

[24]  Richard Cleve,et al.  Controlled Gradual Disclosure Schemes for Random Bits and Their Applications , 1989, CRYPTO.

[25]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[26]  Olivier Markowitch,et al.  Les protocoles de non-répudiation , 2001 .

[27]  Tom Tedrick,et al.  Fair Exchange of Secrets , 1984, CRYPTO.

[28]  Paul F. Syverson,et al.  Weakly secret bit commitment: applications to lotteries and fair exchange , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[29]  Michael K. Reiter,et al.  Fair Exchange with a Semi-Trusted Third Party (extended abstract) , 1997, CCS.

[30]  Matthias Schunter,et al.  Optimistic fair exchange , 2000 .

[31]  Indrajit Ray,et al.  An Optimistic Fair Exchange E-commerce Protocol with Automated Dispute Resolution , 2000, EC-Web.

[32]  J.-Y. Le Boudec,et al.  Toward self-organized mobile ad hoc networks: the terminodes project , 2001, IEEE Commun. Mag..