Abstract
Most attacks against security protocols are due to their vulnerable designs. These type of protocols are usually the base which many other protocols and applications are built upon, so proving the correctness of such protocols has become a very important issue in recent years. At the same time, the complexity of security protocols has increased considerably, making it harder to perform an exhaustive analysis of the different situations they are able to deal with. BAN logic was created to assist in the validation of authentication protocols. Although there are other validation logics, we have chosen BAN because we believe its formal process is very simple and robust and therefore facilitates its application to validate old protocols such as Otway-Rees and more complex new ones such as IKE (standard Internet Key Exchange protocol). This paper is based on BAN logic. We will give a brief description of validating procedures and we will demonstrate the validity of BAN foundations, refuting some weaknesses detected by other authors.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi, M., Tuttle, M.R.: A semantic for a logic of authentication. In: Proceedings of the Tenth Annual ACM Symposium on Principles of Distributed Computing, pp. 201–216. ACM Press, New York (1991)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Transactions on Computer Systems 8(1), 18–36 (1990)
Boyd, C., Mao, W.: On a limitation of BAN logic. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 240–247. Springer, Heidelberg (1994)
Boyd, C.: A Framework for Design of Key Establishment Protocols. In: Pieprzyk, J.P., Seberry, J. (eds.) ACISP 1996. LNCS, vol. 1172, pp. 146–157. Springer, Heidelberg (1996)
Gong, L., Needham, R., Yahalom, R.: Reasoning about Belief in Cryptographic Protocols. In: Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, pp. 234–248. IEEE Computer Society Press, Los Alamitos (1990)
Syverson, P.F., van Oorschot, P.C.: On unifying some cryptographic protocols. In: Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, May 1994, pp. 14–28. IEEE CS Press, Los Alamitos (1994)
Syverson, P.F., van Oorschot, P.C.: A Unified Cryptographic Protocol Logic. NRL Publication 5540-227, Naval Research Lab (1996)
van Oorschot, P.C.: Extending Cryptographic logics of belief to key agreement protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, November 1993, pp. 233–243. ACM Press, New York (1993)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sierra, J.M., Hernández, J.C., Alcaide, A., Torres, J. (2004). Validating the Use of BAN LOGIC. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24707-4_98
Download citation
DOI: https://doi.org/10.1007/978-3-540-24707-4_98
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22054-1
Online ISBN: 978-3-540-24707-4
eBook Packages: Springer Book Archive