Strand Spaces: Why is a Security Protocol Correct?

Abstract

A strand is a sequence of events; it represents either the execution of legitimate party in a security protocol or else a sequence of actions by a penetrator. A strand space is a collection of strands, equipped with a graph structure generated by causal interaction. In this framework, protocol correctness claims may be expressed in terms of the connections between strands of different kinds. In this paper we develop the notion of a strand space. We then prove a generally useful lemma, as a sample result giving a general bound on the abilities of the penetrator in any protocol. We apply the strand space formalism to prove the correctness of the Needham-Schroeder-Lowe protocol. Our approach gives a detailed view of the conditions under which the protocol achieves authentication and protects the secrecy of the values exchanged. We also use our proof methods to explain why the original Needham- Schroeder protocol fails. We believe that our approach is distinguished from other work on protocol verification by the simplicity of the model and the ease of producing intelligible and reliable proofs of protocol correctness even without automated support.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 01, 1998
Accession Number
ADA459060

Entities

People

  • F. J. Fabrega
  • Jonathan C. Herzog
  • Joshua D. Gutman

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Agreements
  • Authentication
  • Communication Systems
  • Contrast
  • Cryptography
  • Explosives Initiators
  • Guarantees
  • Information Operations
  • Language
  • Models
  • National Security
  • Probabilistic Models
  • Probability
  • Security
  • Security Protocols
  • Sequences

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Artificial Intelligence
  • Computer Networking

Technology Areas

  • Space