Klaus Gaarder and Einar Snekkenes. Applying a Formal Analysis Technique to the CCIT X.509 Strong Two-Way Authentication Protocol. Journal of Cryptology, 3:81-- 98, 1991. A preliminary version of this paper appeared as [GS90].  Home/Search   Document Not in Database   Summary   Related Articles   Check

....notation for sending a message in protocol description, e.g. A Gamma B . In our primitive notation, oe is of course : Men87] 3 In [BAN89] the public key and shared key notations for indicating key appropriateness were more similar. We have followed the notational conventions of [GS91] and [vO93b] In the presence of three types of public keys, we find this to be the best compromise between familiarity and readibility. Further issues that lead to this choice of public key notation are discussed in appendix B. K = e K. Unless restricted, either explicitly or implicitly by ....

....led some to focus on the notion of current protocol run rather than on freshness. However, this still leaves some types of replays unaddressed (e.g. the first attack presented in [Syv93b] We also have not explored the relationship between different BANlike logics that reason about time (e.g. GS91] or the relationship they have to logics that allow reasoning about message ordering (e.g. KG91] Our suspicion is that the logics of [GS91] and [KG91] can be captured by the logic of this paper with the temporal additions of [Syv93a] Finally, we have not looked at the still more ambitious ....

[Article contains additional citation context not shown here]

Klaus Gaarder and Einar Snekkenes. Applying a Formal Analysis Technique to the CCIT X.509 Strong Two-Way Authentication Protocol. Journal of Cryptology, 3:81-- 98, 1991. A preliminary version of this paper appeared as [GS90].

....meant to be implicitly inferred from A believes K 7 A. GNY introduce syntax for explicitly representing and reasoning about possession of private keys. Nonetheless, goodness of a private key is still meant to be inferred from a statement about the public key as in BAN, i.e. from K 7 A. In [GS91] Gaarder and Snekkenes separate statements representing that A has associated a good public key K, viz: PK(A;K) from those representing that A has associated some good private key, viz: Pi(A) Thus the judgement about the quality of the private key is now associated with a statement about the ....

....That logic is sound with respect to the semantics presented in this paper. In fact, fully integrating it into the logic we have given is simply a matter of adding five axioms and a rule. We also have yet to explore the relationship between different BAN like logics that reason about time (e.g. GS91] or the relationship they have to logics that allow reasoning about message ordering (e.g. KG91] Our suspicion is that the logics of [GS91] and [KG91] can be captured by the logic of this paper with the temporal additions of [Syv93a] Finally, We have not looked at the still more ambitious ....

[Article contains additional citation context not shown here]

Klaus Gaarder and Einar Snekkenes. Applying a Formal Analysis Technique to the CCIT X.509 Strong Two-Way Authentication Protocol. Journal of Cryptology, 3:81-- 98, 1991. A preliminary version of this paper appeared as [GS90].

No context found.

Klaus Gaarder and Einar Snekkenes. Applying a Formal Analysis Technique to the CCIT X.509 Strong Two-Way Authentication Protocol. Journal of Cryptology, 3:81-- 98, 1991. A preliminary version of this paper appeared as [GS90].

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC