Bieber, P.: A logic of communication in hostile environment. In: Proceedings of the IEEE Computer Security Foundations Workshop. (1990)  Home/Search   Document Not in Database   Summary   Related Articles   Check

....conclusion about the source node s belief in the route s validity is false, we also argue that any such belief does not in itself constitute a claim that the protocol is secure. This work was first introduced in [16] It is widely accepted that logics of belief provide no guarantee of security [17, 18, 19]. Security protocol analyst Paul Syverson states, The goal of a logic such as that of Burrows, Abadi and Needham is to evaluate the trust that may rightly be placed in a protocol by 13 legitimate participants [18] It does not, however, say anything about the security of such protocols in ....

P. Bieber. A logic of communication in hostile environment. In Proc. Computer Security Foundations Workshop III. IEEE Computer Society Press, Los Alamitos, CA, June 1990.

....at formalizing such inferences, have been proposed. The first of these was the so called BAN logic from Burrows, Abadi and Needham [9,10] which was followed by more expressive and elaborate extensions such as GNY (Gong, Needham and Yahalom [16,15] Syverson and van Oorschot [33,34] and CKT5 [8]. One limitation of these logics is the need to annotate the protocols with logical assertions that are assumed to represent the intent of the sender of the message, as well as logical assumptions on the secrecy or freshness of certain pieces of information. Also, they cannot verify secrecy; in ....

Pierre Bieber. A logic of communication in hostile environment. In Computer Security Foundations Workshop (III), pages 14--22, 1990.

....published approach of this class was BAN Logic [6] named after its inventors Burrows, Abadi and Needham. Various extensions and other approaches based on the same idea have been proposed since then [10, 12, 18, 24, 41, 53] Other logics based validation techniques for cryptographic protocols are [3, 4, 30, 37, 43, 44, 45, 46, 47]. One of the most successful approaches of this category is GNY Logic, which has been widely used to analyze cryptographic protocols since its publication [12] 2.3 Conclusion This chapter gave a brief introduction into principles of authentication. While data origin authentication aims to ....

P. Bieber. A Logic of Communication in a Hostile Environment. In Proceedings of the Computer Security Foundations Workshop III, pages 14--22. IEEE Computer Society Press, June 1990.

....PDF created with FinePrint pdfFactory trial version http: www.fineprint.com 10 K1.Key ) FROM Messages M, Com Keys K1, Com Keys K2, Com Keys K, Com Nonces N WHERE M.Agent=s AND M.Messages[1] K1.Agent2 AND M.Messages[1] K.Agent2 AND M.Messages[1] N.Agent1 AND M. Messages[2]=N.Agent2 AND M.Messages[2] K2.Agent2 AND M.Messages[2] K.Agent1 AND K1.Agent1=s AND K2.agent1=s AND M.Messages[3] N.Nonce) In Fig. 2.4 there is description of protocol that doesn t allow to alter messages for an adversary. If adversary can also modify messages, then adversary i first of all ....

....with FinePrint pdfFactory trial version http: www.fineprint.com 10 K1.Key ) FROM Messages M, Com Keys K1, Com Keys K2, Com Keys K, Com Nonces N WHERE M.Agent=s AND M.Messages[1] K1.Agent2 AND M.Messages[1] K.Agent2 AND M.Messages[1] N.Agent1 AND M.Messages[2] N.Agent2 AND M. Messages[2]=K2.Agent2 AND M.Messages[2] K.Agent1 AND K1.Agent1=s AND K2.agent1=s AND M.Messages[3] N.Nonce) In Fig. 2.4 there is description of protocol that doesn t allow to alter messages for an adversary. If adversary can also modify messages, then adversary i first of all participants knows all sent ....

[Article contains additional citation context not shown here]

Bieber P.: A logic of Communication in a Hostile Environment. Proceedings the Computer Security Foundations Workshop III. IEEE Computer Society Press, (1990) 1422

....source of a message are not strong enough for all authentications. Roles in Cryptographic Protocols The most visible e ect of the introduction of the temporal operator 3 in the previous section was to extend the language used to express and validate protocol requirement. A similar proposal in [Bie90] focused instead on the language used to specify a protocol. In [Bie90] protocols are described in the logic of knowledge and time CKT5, which enriches a fragment of rst order logic with the modal operator K A;t and a suitable set of axioms. The intended meaning of a formula of the form K A;t ....

....in Cryptographic Protocols The most visible e ect of the introduction of the temporal operator 3 in the previous section was to extend the language used to express and validate protocol requirement. A similar proposal in [Bie90] focused instead on the language used to specify a protocol. In [Bie90] protocols are described in the logic of knowledge and time CKT5, which enriches a fragment of rst order logic with the modal operator K A;t and a suitable set of axioms. The intended meaning of a formula of the form K A;t is that at time t principal A knows that holds. The use of proper ....

[Article contains additional citation context not shown here]

Pierre Bieber. A logic of communication in hostile environment. In Proceedings of the Computer Security Foundations Workshop III, pages 14-22. IEEE CS Press, June 1990.

....was one of the first) The major success of BAN has been to reveal what assumptions need to be made in order for the protocols to function correctly. During the last decade, a series of cryptographic protocol logics have been put forward extending and deviating from BAN. Examples are Biebers logic [3], Gong, Needham and Yahalom s logic (called GNY) 14] Abadi and Tuttle s logic (called AT) 1] and Syverson and van Oorschot s logic (called SVO) 42] 8 Common to BAN and its variants, is the employment of modal operators for expressing what an agent knows or believes before, during, and ....

Pierre Bieber. A logic for communication in hostile environment. In The Computer Security Foundations Workshop III, pages 14--21, Washington, June 12 -- 14, Franconia, New Hampshire 1990. IEEE Computer Society Press.

....These mappings are effectively the indistinguishable possible worlds for Bob in this state. This algebraic approach was extended by Toussaint [23] to examine evolving knowledge in protocol executions. The connection between such algebraic approaches and epistemic logic was made explicit by Bieber [3] when he used the constructs of [11] to underly the semantics of his logic CKT5. There have been other algebraic approaches to authentication protocol representation and analysis, for example, using process algebras such as CSP and the spi calculus. We will not discuss these in this paper. 2 The ....

Pierre Bieber. A Logic of Communication in Hostile Environment. In Proc. Computer Security Foundations Workshop III, pages 14--22. IEEE Computer Society Press, Los Alamitos, California, June 1990.

....lead to development of temporally enhanced logical systems containing operators to deal with freshness and with the sequencing problems of BAN Logic identified by Snekkenes [SNEK91] The methods described below are examples of these logical systems. 2.1.3. 1 A Logic of Knowledge and Time In [BIEB90], Bieber describes his Logic of Knowledge, Time and Communication, CKT5. The foundation for CKT5 is a simple language based on the AND, OR, and NOT connectors and a set of propositional variables. While there are no specific temporal operators, the knowledge operators are indexed by the ....

P. Bieber, "A Logic of Communication in a Hostile Environment", in Proceedings of the ComputereSecurity Foundations Workshop III, Washington (IEEE), 1990, pp.14-22

....illusory. Syverson also illustrates how the semantics itself can be used as a reasoning tool to discover results that would be very difficult or impossible to prove by reasoning syntactically. There are a number of other logics that do not belong to the BAN family. These include Bieber s CKT5 [Bie90], Syverson s KPL [Syv90] Moser s logic [Mos89] Rangan s logic [Ran88] and the system of Yahalom et al. YKB93] Bieber s CKT5 and Syverson s KPL can be used to reason about the evolution of knowledge about words used in a cryptographic protocol. They also make a distinction between seeing a ....

P. Bieber. A logic of communication in a hostile environment. In Proceedings of the IEEE CS Computer Security Foundations Workshop, pages 14--22, June 1990.

....of belief, trust relationships and jurisdiction notions. This was used to formalize former reasoning principles on cryptographic protocols, in a more systematic way. Nonetheless, it was highly criticized and several authors proposed refinements of the approach, culminating in approaches such as [3]. Although this does not seem to be well known, such approaches can be automated [16, 25] Model checking was also proposed as a way to explore security aspects of cryptographic protocols. Several attacks were discovered on existing protocol in this way [18, 19] Model checking based systems ....

P. Bieber. A logic of communication in a hostile environment. In 3rd Computer Security Foundations Workshop, pages 14--22. IEEE Press, 1990.

....(Progress) Suppose oe is well typed, all e : s, and e is not a value. Then there is a reduction (oe; e) oe 0 ; e 0 ) 5 Related Work For small critical components of a system, such as management and distribution of cryptographic keys, specialized reasoning tools have been developed [3, 4, 10, 9, 14]. These reasoning tools typically work with an abstracted version of an underlying protocol, and provide sophisticated techniques for addressing issues such as messages freshness, replay attacks, and different protocol runs. However, they do not scale well to more general notions of programming: ....

P. Bieber. A logic of communication in hostile environments. In IEEE Computer Security Foundations Workshop III, pages 14--22, June 1990.

....In our view, security is no more than a specialized notion of correctness, and verification of security is simply verification of this specialized notion of correctness. Problems with Existing Approaches Many approaches have been proposed for the analysis of authentication protocols [4, 6, 9, 10, 11, 12, 15]. However, they are not satisfactory for several reasons. First, most approaches do not clearly separate correctness and verification concerns. That is, the precise notion of correctness is not independently stated but rather is built into the verification procedure. This can hamper understanding ....

....semantics for BAN logic in [2] Fourth, the analysis in certain approaches is conducted at a very high level of abstraction. The results obtained from such analysis can be easily misinterpreted when trying to relate them to protocol executions. Examples include most of the modal logical approaches [4, 6, 10, 15]. We stress, however, that these approaches are certainly useful in their own right. But we also believe that it is important to be able to analyze a protocol at different levels of abstraction. Therefore, concrete and operational approaches should also be devised to complement these high level ....

P. Bieber. A logic of communication in hostile environment. In Proceedings of the The Computer Security Foundations Workshop III [1], pages 14--22.

....model is closely tied to the logic; it is intended to illustrate the logic rather than provide an independent description of security properties. Based on this model, 22] extends the Logic of Authentication to include temporal operators, and thereby provide a more expressive treatment of time. [4] uses a notion of agent histories (that record message sends and receives for each agent) to develop a temporal logic for reasoning about security. It does not address a number of key issues relating to time such as the expiry of nonces and beliefs. 20] use a logic language equipped with temporal ....

P. Bieber, "A Logic of Communication in Hostile Environment" IEEE Computer Security Foundations Workshop III, pp. 14-22, Los Alamitos, California, June 1990.

....[2] they have been essentially proof theoretic in nature. In contrast, this paper considers a purely model theoretic view. While model theoretic approaches have been considered in the past (typical examples include [9, 14, 16] few have incorporated the issue of time. An exception to this is [4], where agent histories are used to record message sends and receives. However, a number of key issues relating to time (such as replay of stale message) are not addressed. To summarize, the following aspects of our paper are new: ffl A detailed development of an elementary model theory of agent ....

P. Bieber, "A Logic of Communication in Hostile Environment" IEEE Computer Security Foundations Workshop III, pp. 14-22, Los Alamitos, California, June 1990.

.... There are also two special Ina Jo symbols: N 00 to indicate the new value of a variable (e.g. N 00 v1 is the new value of variable v1) T 00 which defines a subtype of a given type, T Protocol Protocol Analysis First Author Specification Type I Type II Type III Type IV Abadi [2] Bieber [5] Blumer [6] 6] Britton [8] Burrows [11] 12] Calvelli [13] Campbell [14] Dolev [23] Gaarder [25] Gong [28] 29] Gray [35] Kailar [36] Kasami [38] Kemmerer [40] 40] 40] Longley [42] 43] Lu [44] Mao [45] Meadows [48] 48] 46] 47] 48] 49] Merritt [50] Millen [51] Moser [53] Nessett [56] ....

....and belief. Burrows et al. s landmark BAN logic [11] initiated intense research using this approach. Since then, BAN has been extended [13, 14, 25, 29, 45, 69] and criticized [45, 56, 69, 74] This section discusses other contributions to the Type III approach including the logic of Bieber [5] and its extension by Snekkenes [70] the axiomization of trust and belief by Rangan [59] the logic of Syverson [72] the logic of Kailar et al. 36] and the logic of Moser [53] In addition to these logics, some work has concentrated on the semantics of logics for authentication protocols [2, ....

[Article contains additional citation context not shown here]

P. Bieber. A logic of communication in a hostile environment. Proceedings of the Computer Security Foundation Workshop III, pages 14--22, June 1990.

....used by its authors to find previously unknown flaws in a protocol that appeared in a draft recommendation for the CCITT X.509 standard [9] BAN logic is the best known of the modal logics developed for cryptographic protocol analysis. But there are a number of others. These include Bieber s CKT5 [4] and Syverson s KPL [38] both of which reason about knowledge, Rangan s logic of trust [34] which reasons about trust and belief, Moser s logic [29] which reasons about knowledge and belief, and the system of Yahalom, Klein, and Beth [49] which reasons about trust. Syverson s logic can be used ....

P. Bieber. A Logic of Communication in a Hostile Environment. In Proceedings of the Computer Security Foundations Workshop III, pages 14--22. IEEE Computer Society Press, June 1990.

....of ciphertext are not addressed here. This is not the first paper to discuss such attacks. Similar attacks have been described in [BGH 92] DvOW92] Sne92] and [Syv] Nor is this the first paper to discuss logical solutions to such attacks. In [Sne92] Snekkenes uses Bieber s logic CKT5 [Bie90] to analyze a similar attack. Nonetheless, the results herein are significant for a number of reasons: 1) For good or ill, BAN has become the clear favorite as a formal method for cryptographic protocol analysis; there have been numerous publications that make use or misuse of BAN. The oft cited ....

Pierre Bieber. A Logic of Communication in Hostile Environment. In Proc. Computer Security Foundations Workshop III. IEEE Computer Society Press, Los Alamitos, California, June 1990.

....So, an eavesdropper sees the message data, but cannot necessarily understand it. To deal with this situation, Abadi and Tuttle, in their semantics for a variation of the BAN logic [8] have a hiding operation to remove unreadable messages from a principal s local state. Other authors (e.g. Bieber [10] and Syverson [11] have also devised logics that allow this distinction between data and information to be expressed. The interpretation of the from R is also not completely clear. The authors state messages contain sufficient information for a principal to detect (and ignore) his own messages. ....

P. Bieber. "A Logic of Communication in a Hostile Environment." In Proceedings of the Computer Security Foundations Workshop III, IEEE Computer Society Press, June 1990.

.... principles corresponding to symmetric and asymmetric cryptosystems are discussed in [25] and the design of a family of authentication protocols is systematically demonstrated in [5] With respect to (ii) many formal approaches have been proposed for the analysis of authentication protocols [4, 6, 8, 10, 11, 12, 17, 23]. There are, however, two shortcomings in existing formal analysis approaches. First, there is a significant gap between the formal and intuitive notions of correctness. The formal notion of correctness is often highly specialized and does not always capture the entire intuitive notion of ....

....while our correspondence assertions are flexible and can be customized for individual protocols. Another major class of formal analysis approaches is based on the use of formal logic. This includes BAN logic [2, 6] and its extensions [10, 11] Syverson s KPL [23] and Bieber s logic [4]. Kemmerer s approach [12] can also be included here as it is formalized using a first order logic. Most of these approaches (except Kemmerer s) are based on the use of some sort of modal logic of belief or knowledge with a possible worlds semantics. The BAN logic approach is probably the most ....

[Article contains additional citation context not shown here]

P. Bieber. A logic of communication in hostile environment. In Proceedings of the The Computer Security Foundations Workshop III [1], pages 14--22.

No context found.

Bieber, P.: A logic of communication in hostile environment. In: Proceedings of the IEEE Computer Security Foundations Workshop. (1990)

No context found.

P. Bieber. A logic of communication in hostile environment. In Proceedings of the IEEE Computer Security Foundations Workshop, 1990.

No context found.

P. Bieber. A logic of communication in hostile environment. In Proceedings of the Computer Security Foundations Workshop, pages 14--22. IEEE Computer Society Press, 1990.

No context found.

Bieber, Pierre, 'A Logic for Communication in a Hostile Environment', in Proceedings of the Third Workshop on Foundations of Computer Security, June 1990, Franconia, NH

No context found.

Bieber, Pierre, "A Logic of Communication in Hostile Environment", Proceedings of the Computer Security Foundations Workshop III, 1990, pp. 14-22. 199

No context found.

P. Bieber, A logic of communication in a Hostile Environment. In Proceedings of the Computer Security Foundation Workshop III, pp.14-22, IEEE Computer Society Press, June 1990.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC