Representing partial knowledge in an algebraic security model

Abstract

The author extends a security model and specification language for key distribution protocols which describes protocols algebraically in terms of term-rewriting systems to include certain kinds of partial knowledge available to a penetrator. She also shows how the model describes the actions by which a penetrator takes advantage of partial knowledge, and gives an example of a protocol specified in the language.<>