Nonmonotonic Cryptographic Protocols
dc.contributor.author | Rubin, A. D. | en_US |
dc.date.accessioned | 2014-07-18T18:12:05Z | |
dc.date.available | 2014-07-18T18:12:05Z | |
dc.date.issued | 1993-11-18 | en_US |
dc.identifier.citation | Rubin, A. "Nonmonotonic Cryptographic Protocols," November 1993. [Proc. IEEE Comp. Security Foundations Workshop VII, Franconia (June 1994).] <http://hdl.handle.net/2027.42/107952> | en_US |
dc.identifier.uri | https://hdl.handle.net/2027.42/107952 | |
dc.description.abstract | This paper presents a new method for specifying and analyzing cryptographic protocols. Our method offers several advantages over previous approaches. Our technique is the first to allow reasoning about nonmonotonic protocols. These protocols are needed for systems that rely on the deletion of information. There is no idealization step in specifying protocols; we specify at a level that is close to the actual implementation. This avoids errors that might otherwise render a specification that passes the analysis, useless in practice. In our method, knowledge and belief sets for each principal are modified via actions and inference rules. Every message is considered to be broadcast, and we introduce the update function to maintain global knowledge. We show how our method uncovers the known flaw in the Needham and Schroeder protocol, and that the revision by the same authors does not contain this flaw. We also show that our method correctly handles protocols that are trivially insecure, such as Nessett's noted example. We then apply our method to our khat protocol. The analysis reveals a serious, previously undiscovered flaw in our nonmonotonic protocol for long-running jobs; one that seems obvious in hindsight, but escaped the attention of the authors and over 300 USENIX conference attendees. In addition, our analysis reveals a previously unknown vulnerability in phase II of khat. These are stunning confirmations of the importance of tools for analyzing cryptographic protocols. | en_US |
dc.publisher | Center for Information Technology Integration | en_US |
dc.title | Nonmonotonic Cryptographic Protocols | en_US |
dc.type | Technical Report | en_US |
dc.subject.hlbsecondlevel | Computer Science | en_US |
dc.subject.hlbtoplevel | Engineering | en_US |
dc.contributor.affiliationum | Center for Information Technology Integration | en_US |
dc.description.bitstreamurl | http://deepblue.lib.umich.edu/bitstream/2027.42/107952/1/citi-tr-93-9.pdf | |
dc.owningcollname | Electrical Engineering and Computer Science, Department of (EECS) |
Files in this item
Remediation of Harmful Language
The University of Michigan Library aims to describe library materials in a way that respects the people and communities who create, use, and are represented in our collections. Report harmful or offensive language in catalog records, finding aids, or elsewhere in our collections anonymously through our metadata feedback form. More information at Remediation of Harmful Language.
Accessibility
If you are unable to use this file in its current format, please select the Contact Us link and we can modify it to make it more accessible to you.