Team Comète

Overall Objectives
Scientific Foundations
Application Domains
New Results
Other Grants and Activities

Section: Scientific Foundations


Participants : Catuscia Palamidessi, Frank Valencia, Kostas Chatzikokolakis.


Formalisms to express security properties and protocols and to verify them

Security protocols, also known as cryptographic protocols, are small concurrent programs designed to provide various security services across a distributed system. These goals include: authentication of agents and nodes, establishing session keys between nodes, ensuring secrecy, integrity, anonymity, non-repudiation, fairness, and so on. The challenge comes from the fact that we want to guarantee security of exchanges between participants using non-secure mediums, whose weaknesses can be exploited by malicious adversaries. In certain cases, like in the non-repudiation and fairness problems, we cannot even be sure that the participants are honest.

With the increasing degree of distribution and mobility of modern systems, and the increasing number of applications such as electronic commerce, electronic vote, etc, these protocols are becoming more and more used, and their correctness more and more crucial. Establishing the correctness of these protocols, however, is not an easy task; the difficulties arise from a number of considerations:

Several formalisms have been proposed for the specification of the protocols and intruders, for the description of the security properties, and for proving correctness. For example, the Strand spaces [59] , [48] , the spi-calculus [35] and other process calculi [65] , [85] , [86] , [38] , formalisms based on linear logic [52] , [67] , on set-rewriting [66] , [49] , on rewriting logic [56] , on tree automata [72] , [62] , and on set constraints [51] .


Logo Inria