Internet Archive Scholar

Adding time to a logic of authentication

Paul F. Syverson
1993 Proceedings of the 1st ACM conference on Computer and communications security - CCS '93  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (559.5 kB)
https://web.archive.org/web/20190218073020/https://static.aminer.org/pdf/20170130/pdfs/ccs/fyreilbpxtahjirj2ehc5gg8m4sdqwmq.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL. The file type is application/pdf.

In [BAN89] Burrows, Abadi, and Needham presented a logic (BAN) for analyzing cryptographic protocols in terms of belief. This logic is quite useful in uncovering flaws in protocols; however, it also has produced confusion and controversy. Much of the confusion was cleared up when Abadi and Turtle provided a semantics for a version of that logic (AT) in [AT91] . In this paper we present a protocol to show that both BAN and AT are not expressive enough to capture all of the kinds of flaws that
more » ... ear to be within their scope. We then present a logic that adds temporal formalisms to AT and that is rich enough to reveal the flaws in the presented protocol; nonetheless, this logic is sound with respect to the same semantics that was given in [AT91]. Finally, we argue that any approach of this type is inadequate by itself to demonstrate the absence of such flaws. We must supplement the formal logic with semantic analysis techniques.
doi:10.1145/168588.168600 dblp:conf/ccs/Syverson93 fatcat:6qrn2raoxbdgxcuz66u6cqo6am
Citation

Paul F. Syverson. "Adding time to a logic of authentication." Proceedings of the 1st ACM conference on Computer and communications security - CCS '93 (1993) 97-101