Review of KIISC (정보보호학회지)

Korea Institute of Information Security and Cryptology (한국정보보호학회)
권호 표지

Towards Developing Formal Verification Tools for Cryptographic Protocols

암호프로토콜 논리성 검증도구 개발에 관한 연구

  • Published : 2002.04.01
Download PDF
⟨ Previous Next ⟩

Abstract

Incautiously designed and informally verified cryptographic protocols are error-prone and can allow an adversary to have the ideal starting point for various kinds of attacks. The flaws resulting from these protocols can be subtle and hard to find. Accordingly we need formal methods for systematic design and verification of cryptographic protocols. This paper surveys the state-of-the-art and proposes a practical developing method that will be implemented in the future study.

비형식적인 방법으로 부주의하게 설계 및 검증된 암호프로토콜은 시스템의 안전성에 대한 공격을 허용하는 중대한 결함이나 오류를 포함하기 쉽다. 이러한 암호프로토콜의 결함이나 오류를 모두 발견해내는 것은 결코 쉬운 작업이 아니며, 따라서 암호프로토콜의 체계적인 설계와 검증을 위한 정형화된 방법이 필요하다. 본 논문에서는 이 분야의 기술 동향에 대해서 살펴보고, 향후 연구에서 진행할 현실적인 개발 방법을 제안하도록 한다.

Keywords

References

  1. Technical Report SRC RR149 A calculus for crytopraphic protocols : The Spicalculus M.Abadi;A.Gordon
  2. In Proc. of the Tenth Annual ACM Symposium on Principles of Distributed Computing A semantics for a logic of authentication M. Abadi;M. Tuttle
  3. In Advance in Cryptology-CRYPTO 93 Entity authentication and key distribution M. Bellare;P.Rogaway
  4. In ACM Symposium on Theory of computing A modular approach to the design and analysis of authentication and key exchange protocols M.Bellare;R.Canetti;H.Krawczyk
  5. In Proc. of the IEEE Computer Security Foundation Workshop A logic of communication in a hostile environment P.Bieber
  6. In Sixth IMA International Comference on Cryptography and Coding Key agreement protocols and their security analysis S.Blake-Wilson;D.Johnson;A.Menesez
  7. In Advances in Cryptology - Eurocrypt 93 On a limitation of BAN logic C.Boyd;W.Mao
  8. In Proc. of the IEEE Computer Security Foundation Workshop A HOL extension of GNY for automatically analyzing cryptographic protocols S.Brackin
  9. In Proc. of the ISOC Network and Distributed System Security An interface specification language for automatically analyzing cryptographic protocol S.Brackin
  10. In Proc. of the IEEE Conputer Security Foundation Workshop Evaluating and improving protocol analysis by automatic proof S.Brackin
  11. In Proc. of IEEE ASSET 99 A CAPSL interface for the NRL Protocol Analyzer S.Brackin;C.Meadow;J.Millen
  12. Technicla Report SRC RR 39 A logic of authentication M.Burrows;M.Abadi;R.Needham
  13. EPFL SSC Technical Report No. SSC/1999/038 Formal method in the disign fo cryptographic protocols L.Buttyan
  14. A survey of authentication porotocol literature: version 1.0 J.Clark;J.Jacob
  15. In Proc. of the IEEE Computer Scurity Foundation Workshop C3PO: a tool for automatic sound cryptographic protocol analysis A.Dekker
  16. IEEE Transactions on Information theory v.22 New directions on Information theory W.Diffie;M.Hellman https://doi.org/10.1109/TIT.1976.1055638
  17. IEEE Transactions on Information Theory v.29 On the security oj public key protocols D.Dolev;A.Yao https://doi.org/10.1109/TIT.1983.1056650
  18. In Proc. of the IEEE Computer Security Foundation Workshop Honest ideals on strand spaces F.Fabrega;J.Herzog;J.Guttman
  19. In Proc. of the IEEE Symposium on Research in Security and Provacy Strand spaces : Why is a security protocol correct? F.Fabrega;J.Herzog;J.Guttman
  20. In Proc. of the IEEE Symposium on Research in Sucurity and Privacy Reasoning about belief in cryptographic protocols L.Gong;R.Needham;R.Yahalom
  21. Computer Communications v.22 no.8 Security protocols over open networks and distributed systems: formal methods for their analysis, design, and verification S.Gritzalis;D.Spinellis;P.Georgiadis
  22. IEEE Journal on Selected Areas in Communications v.7 no.4 Analyzing encryption protocols using formal verification technique R.Kemmerer https://doi.org/10.1109/49.17707
  23. Australian Computer Science Sommunications v.17 no.1 On the automation of GNY logic A.Mathuria;R.Safavi-Naini;P.Nicholas
  24. In Proc. of the IEEE Symposium on Research in Security and Privacy A system for the specification and analysis of key management protocols C.Meadows
  25. Journal of Computer Security v.1 no.1 Applying formal methods to the analysis of a key management protocol C.Meadows https://doi.org/10.3233/JCS-1992-1102
  26. In Advances in Cryptography - Asiacrypt 94 Formal verification of cryptography protocols : A survey C.Meadows
  27. In Proc. of the IEEE symposium on Security and Privacy Analysis of the Internet Key Exchange protocol using NRL Protocol Analyzer C.Meadows
  28. IEEE Transactions on Software Engiveering v.13 no.2 The Interrogator : Protocol security analysis J.Millen;S.Clark;S.Freedman https://doi.org/10.1109/TSE.1987.233151
  29. In Proc. of the IEEE Symposium on Security and Privacy Automated analysis of cryptographic protocols using Mur J.Mitchell;M.Mitchell;U.Stern
  30. Operating Systems Review v.24 no.2 A critique of the Burrows Abadi and Needham logic D.Nessett https://doi.org/10.1145/382258.382789
  31. In Proc. of the IEEE Computer Security foundation Workshop A logic of composition for information flow predicates R.Peri;W.Wulf;D.Kienzle
  32. Personal Communicaitons C.V.Ramamoorthy
  33. In Proc. of the IEEE Computer Security Foundation Workshop Modelling and verifying key-exchange protocols using CSP & FDR A.Roscoe
  34. Technical Report CITI TR 93-7 Formal methods for the analysis of authentication protocols A.Rubin;P.Honeyman
  35. IBM Zurich Research Lab. On Formal Models for Sucure Key Exchange V.Shoup
  36. In Journal of Computer Security v.9 no.1 Athena:a novel approach to efficient automatic security protocol analysis D.Song;S.Berezin;A.Perrig https://doi.org/10.3233/JCS-2001-91-203
  37. In Proc. of the IEEE Symposium on Research in Security and Privacy Formal semantics for logics of cryptographic protocols P.Syverson
  38. In Proc. of the IEEE Symposium on Research in Security and Privacy On unifying some cryptographic protocol logics P.syverson;P.van Oorschot
  39. In Proc. of the ACM Conference on Computer Communications Security Extending cryptographic ligics of belief to key agreement protocols P.van Oorschot
  40. Computers and Security v.8 no.8 Verification of network security protocols V.Varadgarajan https://doi.org/10.1016/0167-4048(89)90008-4
  41. Computer Standards and Interfaces Use of a formal description technique in the specification of authentication protocols V.Varadgarajan