Honest functions and their application to the analysis of cryptographic protocols

J.D. Guttman, et al. (1998) have introduced “strand spaces” as a technique for describing and analyzing cryptographic protocols (i.e. schemes for exchanging messages between legitimate agents in a communications system for purposes of authentication or establishing session keys). The strands of such a protocol are directly mapped to traces of the messages which are transmitted and received by each agent. Strands may also be associated with the possible traces of a penetrator. J.D. Guttman, et al. (1998) use simple graph theoretic constructions to describe the underlying relations between legitimate agents and the penetrator. These researchers also develop an “algebra” for the set of all possible messages which may be transmitted in a given cryptographic protocol. They have successfully used strand spaces to prove correctness properties of several cryptographic protocols. In this paper we extend the theory of strand spaces to include a broad class of cryptographic protocols which could not be analyzed in the original framework provided by Guttman, et al. This class includes the TMN (Roscose´s version) and SSHV2 protocols, i.e., protocols which use the exclusive-or and exponential functions for message generation. In an intuitive manner we define the class of “honest” functions and extend the theory to include these functions. We conclude this paper with an analysis of the TMN protocol