Title :
Intensional specifications of security protocols
Author_Institution :
Comput. Lab., Oxford Univ., UK
Abstract :
It is often difficult to specify exactly what a security protocol is intended to achieve, and there are many example of attacks on protocol which have been proved to satisfy the `wrong´, or too unreal a specification. Contrary to the usual approach of attempting to capture what it is that protocol achieves in abstract terms, we propose a readily automatable style of specification which simply asserts that a node can only complete its part in a protocol run if the pattern of messages anticipated by the designer has occurred. While this intensional style of specification does not replace more abstract ones such as confidentiality, it does appear to preclude a wide range of the styles of attack that are hardest to exclude by other means
Keywords :
access protocols; cryptography; formal specification; confidentiality; cryptographic protocols; intensional specifications; security protocols; Authentication; Communication channels; Cryptographic protocols; Cryptography; Europe; Laboratories; Network servers; Safety; Security; Testing;
Conference_Titel :
Computer Security Foundations Workshop, 1996. Proceedings., 9th IEEE
Conference_Location :
Kenmare
Print_ISBN :
0-8186-7522-5
DOI :
10.1109/CSFW.1996.503688
