ANALYZING CRYPTOGRAPHIC PROTOCOLS
Dr Joshua D Guttman, Mitre Corporation

Abstract: Cryptographic protocols are short sequences of messages that use cryptography to allow principals to authenticate each other and agree on new shared secrets. They are fundamental to security in electronic commerce and networked systems generally. However, it is tricky to be sure exactly what they achieve, or in some cases whether they achieve any useful security, in the presence of an attacker. Problems may arise even with strong cryptography.

In this talk, we use the strand space formalism to study cryptographic protocols. We present a widely applicable method, which we call the authentication test method, to determine exactly what authentication and secrecy goals a protocol achieves.

Strand spaces abstract from the specific cryptographic mechanisms used to implement protocols. However, given a protocol, the strand space analysis also suggests specific cryptographic properties needed for a safe implementation. We will illustrate this reasoning in a particular case.

Joint work with F Javier Thayer

This seminar was held at the Department of Computer Science, Royal Holloway, University of London on 29 October 2002.