Skip to main content
SpringerLink
Log in

An Extension of Formal Analysis Method with Reasoning: A Case Study of Flaw Detection for Non-repudiation and Fairness

  • Conference paper
  • First Online:
Codes, Cryptology and Information Security (C2SI 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11445))

Abstract

Formal analysis is used to find out flaws of cryptographic protocols. A formal analysis method with reasoning for cryptographic protocols has been proposed. In the method, behaviors of participants and behaviors of an intruder are used as premises of forward reasoning to deduce formulas, then analysts check whether the deduced formulas are related to flaws. However, the method only can detect the flaws related to confidentiality and authentication but is unable to detect the flaws related to non-repudiation and fairness. This paper proposes an extension of the formal analysis method with reasoning, which can deal with the flaws related to non-repudiation and fairness. This paper also shows a case study of flaw detection for non-repudiation and fairness in ISI protocol with the proposed method. The result shows that the proposed method is effective to find out flaws that related to the two security properties above.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Asokan, N.: Fairness in electronic commerce. Ph.D. thesis, Department of Mathematics, University of Waterloo, Canada (1998)

    Google Scholar 

  2. Avalle, M., Alfredo, P., Bogdan, W.: Formal verification of security protocol implementations: a survey. Formal Aspects Comput. 26(1), 99–123 (2014)

    Article  Google Scholar 

  3. Bau, J., Mitchell, J.C.: Security modeling and analysis. IEEE Secur. Priv. 9(3), 18–25 (2011)

    Article  Google Scholar 

  4. Butterfield, A., Ngondi, G.: Oxford Dictionary of Computer Science. Oxford University Press, Oxford (2016)

    Book  Google Scholar 

  5. Cheng, J.: A strong relevant logic model of epistemic processes in scientific discovery. In: Information Modelling and Knowledge Bases XI, Frontiers in Artificial Intelligence and Applications, vol. 61, pp. 136–159 (2000)

    Google Scholar 

  6. Cheng, J., Miura, J.: Deontic relevant logic as the logical basis for specifying, verifying, and reasoning about information security and information assurance. In: 1st International Conference on Availability, Reliability and Security, pp. 601–608. IEEE Computer Society, Vienna, Austria (2006)

    Google Scholar 

  7. Cheng, J., Nara, S., Goto, Y.: FreeEnCal: a forward reasoning engine with general-purpose. In: Apolloni, B., Howlett, R.J., Jain, L. (eds.) KES 2007. LNCS (LNAI), vol. 4693, pp. 444–452. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74827-4_56

    Chapter  Google Scholar 

  8. Clarke Jr., E.M., Grumberg, O., Peled, D.: Model Checking. MIT Press, Cambridge (1999)

    Google Scholar 

  9. Cortier, V., Kremer, S., Warinschi, B.: A survey of symbolic methods in computational analysis of cryptographic systems. J. Autom. Reasoning 46(3–4), 225–259 (2011)

    Article  MathSciNet  Google Scholar 

  10. Dolev, D., Andrew, C.Y.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

    Article  MathSciNet  Google Scholar 

  11. Hauser, R., Steiner, M., Waidner, M.: Micro-payments based on IKP. IBM Zurich Research Laboratory, IBM Research Division Report RZ279, Zurich, Switzerland (1996)

    Google Scholar 

  12. International Organization for Standardization: ISO/IEC 13888–3: Information security techniques - non-repudiation - Part: Mechanisms using asymmetric techniques (1997)

    Google Scholar 

  13. International Organization for Standardization: ISO/IEC 13888–2: Information security techniques - non-repudiation - Part: Mechanisms using symmetric techniques (1998)

    Google Scholar 

  14. International Organization for Standardization: ISO/IEC 29128: Information technology - Security techniques - Verification of cryptographic protocols (2011)

    Google Scholar 

  15. Kremera, S., Markowitcha, O., Zhoub, J.: An intensive survey of fair non-repudiation protocols. Comput. Commun. 25(17), 1606–1621 (2002)

    Article  Google Scholar 

  16. Liu, Y., Zhang, H.: Stand spaces analysis of electronic commerce protocols. Comput. Sci. 35(2), 109–114 (2008)

    MathSciNet  Google Scholar 

  17. Medvinsky, G., Neuman, C.: NetCash: a design of practical electronic currency on the internet. In: 1st ACM Conference on Computer and Communications Security, Fairfax, Virginia, USA, pp. 102–106 (1993)

    Google Scholar 

  18. Meadows, C.A., Meadows, C.A.: Formal verification of cryptographic protocols: a survey. In: Pieprzyk, J., Safavi-Naini, R. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 133–150. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0000430

    Chapter  Google Scholar 

  19. Meadows, C.: Formal methods for cryptographic protocol analysis: emerging issues and trends. IEEE J. Sel. Areas Commun. 21(1), 44–54 (2003)

    Article  Google Scholar 

  20. Markowitch, O., Gollmann, D., Kremer, S.: On fairness in exchange protocols. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 451–465. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36552-4_31

    Chapter  Google Scholar 

  21. Paulson, L.C.: The inductive approach to verifying cryptographic protocols. J. Comput. Secur. 6(1), 85–128 (1998)

    Article  Google Scholar 

  22. Roe, M.: Cryptography and evidence. Ph.D. thesis, Computer Laboratory, University of Cambridge (1997)

    Google Scholar 

  23. Zhou, J., Gollmann, D.: Evidence and non-repudiation. J. Network Comput. Appl. 20(30), 267–281 (1997)

    Article  Google Scholar 

  24. Wagatsuma, K., Goto, Y., Cheng, J.: A formal analysis method with reasoning for key exchange protocols. IPSJ J. 56(3), 903–910 (2015). (in Japanese)

    Google Scholar 

  25. Yan, J., Wagatsuma, K., Gao, H., Cheng, J.: A formal analysis method with reasoning for cryptographic protocols. In: 12th International Conference on Computational Intelligence and Security, pp. 566–570. IEEE Computer Society, Wuxi (2016)

    Google Scholar 

  26. Yan, J., Ishibashi, S., Goto, Y., Cheng, J.: A study on fine-grained security properties of cryptographic protocols for formal analysis method with reasoning. In: 2018 IEEE SmartWorld, Ubiquitous Intelligence, Computing, Advanced, Trusted Computing, Scalable Computing, Communications, Cloud, Big Data Computing, Internet of People and Smart City Innovations, pp. 210–215. IEEE-CS, Guangzhou (2018)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information and Computer Sciences, Saitama University, Saitama, 338-8570, Japan

    Jingchen Yan, Yating Wang, Yuichi Goto & Jingde Cheng

Authors
  1. Jingchen Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yating Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yuichi Goto
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jingde Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yuichi Goto .

Editor information

Editors and Affiliations

  1. Université Paris 8, Saint-Denis, France

    Claude Carlet

  2. Institut MINES-TELECOM, Paris, France

    Sylvain Guilley

  3. Université de Caen, Caen, France

    Abderrahmane Nitaj

  4. Mohammed V University, Rabat, Morocco

    El Mamoun Souidi

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yan, J., Wang, Y., Goto, Y., Cheng, J. (2019). An Extension of Formal Analysis Method with Reasoning: A Case Study of Flaw Detection for Non-repudiation and Fairness. In: Carlet, C., Guilley, S., Nitaj, A., Souidi, E. (eds) Codes, Cryptology and Information Security. C2SI 2019. Lecture Notes in Computer Science(), vol 11445. Springer, Cham. https://doi.org/10.1007/978-3-030-16458-4_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-16458-4_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-16457-7

  • Online ISBN: 978-3-030-16458-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation