Assumptions, Trust, and Names in Computer Security Protocols

Abstract

A major goal of using any security protocol is to create certain beliefs in the participants. A security protocol will use techniques like cryptography to guarantee some things, but it will still require a participant to make assumptions about other things that the protocol cannot guarantee; such assumptions often constitute trust in other participants. In this thesis, we attempt to precisely identify the required assumptions of some example protocols. In the process, we find that we must consider the names that participants use to reason about each other. It turns out that naming is a complex topic with a rich body of philosophical work, and we apply some ideas from this work to the problem of identifying security protocols required assumptions. Finally, we begin work on a mathematical model of protocols and beliefs to which a formal logic of belief could be applied. The model is left incomplete because of some unresolved problems with modeling belief caused by the design requirement that the model s elements have clear operational meanings. The solution of these problems is left as future work.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2011
Accession Number
ADA548049

Entities

People

  • Charles D. Shearer

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Air Platforms
  • Autonomy

DTIC Thesaurus Topics

  • Artificial Intelligence
  • Authentication
  • Computer Networks
  • Computer Science
  • Cryptography
  • Cybersecurity
  • Department Of Defense
  • Electronic Mail
  • Formal Languages
  • Governments
  • Information Operations
  • Language
  • Mathematical Models
  • Multiagent Systems
  • Notation
  • Secure Communications
  • Security Protocols

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Cybersecurity.
  • Educational Psychology
  • Theoretical Analysis.

Technology Areas

  • Cyber
  • Cyber - Cryptography