Developing security protocols by refinement

8 years 5 months ago
Developing security protocols by refinement
We propose a development method for security protocols based on stepwise refinement. Our refinement strategy guides sformation of abstract security goals into protocols that are secure when operating over an insecure channel controlled by a Dolev-Yao-style intruder. The refinement steps successively introduce local states, an intruder, communication channels with security properties, and cryptographic ns realizing these channels. The abstractions used provide insights on how the protocols work and foster the development of families of protocols sharing a common structure and properties. In contrast to post-hoc verification methods, protocols are developed together with their correctness proofs. We have implemented our method in Isabelle/HOL and used it to develop different entity authentication and key transport protocols. Categories and Subject Descriptors C 2.2 [Computer-communication networks]: Network protocols
Christoph Sprenger, David A. Basin
Added 10 Feb 2011
Updated 10 Feb 2011
Type Journal
Year 2010
Where CCS
Authors Christoph Sprenger, David A. Basin
Comments (0)