Formal Models and Techniques for Analyzing Security Protocols: A Tutorial

Found. Trends Program. Lang. Pub Date : 2014-11-14 DOI:10.1561/2500000001

V. Cortier, S. Kremer

{"title":"Formal Models and Techniques for Analyzing Security Protocols: A Tutorial","authors":"V. Cortier, S. Kremer","doi":"10.1561/2500000001","DOIUrl":null,"url":null,"abstract":"Security protocols are the small distributed programs which are omnipresent in our daily lives in areas such as online banking and commerce and mobile phones. Their purpose is to keep our transactions and personal data secure. Because these protocols are generally implemented on potentially insecure networks like the internet, they are notoriously difficult to devise. The field of symbolic analysis of security protocols has seen significant advances during the last few years. There is now a better understanding of decidability and complexity questions and successful automated tools for the provision of security and prevention of attack have been applied to numerous protocols, including industrial protocols. Models have been extended with algebraic properties to weaken the perfect cryptography assumption and even computational soundness results towards cryptographic models have been achieved. What was still missing, however, was a book which summarized the state-of-the-art of these advances. Whilst this book does not pretend to give a complete overview of the field - something which would be impossible in a single volume - it does, nevertheless, cover a representative sample of the ongoing work in this field, which is still very active. The book contains an introduction and ten tutorial-like chapters on selected topics, each written by a leading expert, and will be of interest to all those involved in the formal analysis of security protocols.","PeriodicalId":376429,"journal":{"name":"Found. Trends Program. Lang.","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"49","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Found. Trends Program. Lang.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1561/2500000001","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 49

Abstract

Security protocols are the small distributed programs which are omnipresent in our daily lives in areas such as online banking and commerce and mobile phones. Their purpose is to keep our transactions and personal data secure. Because these protocols are generally implemented on potentially insecure networks like the internet, they are notoriously difficult to devise. The field of symbolic analysis of security protocols has seen significant advances during the last few years. There is now a better understanding of decidability and complexity questions and successful automated tools for the provision of security and prevention of attack have been applied to numerous protocols, including industrial protocols. Models have been extended with algebraic properties to weaken the perfect cryptography assumption and even computational soundness results towards cryptographic models have been achieved. What was still missing, however, was a book which summarized the state-of-the-art of these advances. Whilst this book does not pretend to give a complete overview of the field - something which would be impossible in a single volume - it does, nevertheless, cover a representative sample of the ongoing work in this field, which is still very active. The book contains an introduction and ten tutorial-like chapters on selected topics, each written by a leading expert, and will be of interest to all those involved in the formal analysis of security protocols.

查看原文本刊更多论文

分析安全协议的形式化模型和技术:教程

安全协议是一种小型的分布式程序，它在我们的日常生活中无处不在，如网上银行、网上商务和移动电话等领域。他们的目的是保证我们的交易和个人数据的安全。由于这些协议通常是在潜在不安全的网络(如internet)上实现的，因此设计起来非常困难。安全协议的符号分析领域在过去几年中取得了重大进展。现在对可决定性和复杂性问题有了更好的理解，用于提供安全和预防攻击的成功自动化工具已应用于许多协议，包括工业协议。利用代数性质对模型进行扩展，削弱了完美密码学假设，并获得了密码学模型的计算健全性结果。然而，仍然缺少一本总结这些进步的最新进展的书。虽然这本书并没有假装给出该领域的完整概述-这在一卷书中是不可能的-但它确实涵盖了该领域中正在进行的工作的代表性样本，这些工作仍然非常活跃。这本书包含一个介绍和十个类似教程的章节，每个章节都是由一位顶尖的专家撰写的，所有参与安全协议形式化分析的人都会感兴趣。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Found. Trends Program. Lang.

自引率

0.00%

发文量