Article

Term-based composition of security protocols

08/2009;
Source: arXiv

ABSTRACT

In the context of security protocol parallel composition, where messages belonging to different protocols can intersect each other, we introduce a new paradigm: term-based composition (i.e. the composition of message components also known as terms). First, we create a protocol specification model by extending the original strand spaces. Then, we provide a term composition algorithm based on which new terms can be constructed. To ensure that security properties are maintained, we introduce the concept of term connections to express the existing connections between terms and encryption contexts. We illustrate the proposed composition process by using two existing protocols. Comment: 2008 IEEE International Conference on Automation, Quality and Testing, Robotics, Cluj-Napoca, Romania, May 2008, pp. 233-238, ISBN 978-1-4244-2576-1

Download full-text

Full-text

Available from: Haller Piroska, Apr 05, 2014
  • Source
    • "The composition process makes use of the informal [6] specification of security protocols which does not include any implementation-related information such as selected cryptographic algorithm, key size or encryption rounds. The result of the composition can have multiple protocols [8] from which the most performant must be selected. As mentioned earlier, cryptography is an important component of these protocols. "
    [Show abstract] [Hide abstract]
    ABSTRACT: We propose a performance evaluation method for security protocols. Based on the informal specification, we construct a canonical model which includes, alongside protocol messages, cryptographic operations performed by participants in the process of message construction. Each cryptographic operation is assigned a cost modeled as a function of the size of processed message components. We model not only the size of regular message components but also the size of ciphertext produced by various cryptographic operations. We illustrate the applicability of our method by comparatively analyzing the performance of the original CCITT X.509 protocol and a slightly modified version of the same protocol. Comment: 4th IEEE International Conference on Intelligent Computer Communication and Processing, Cluj-Napoca, Romania, pp. 193-200, Aug. 2008, ISBN 978-1-4244-2673-7
    Full-text · Article · Aug 2009
  • Source
    • "The composition process makes use of the informal [6] specification of security protocols which does not include any implementation-related information such as selected cryptographic algorithm, key size or encryption rounds. The result of the composition can have multiple protocols [8] from which the most performant must be selected. As mentioned earlier, cryptography is an important component of these protocols. "
    [Show abstract] [Hide abstract]
    ABSTRACT: We propose a performance evaluation method for security protocols. Based on the informal specification, we construct a canonical model which includes, alongside protocol messages, cryptographic operations performed by participants in the process of message construction. Each cryptographic operation is assigned a cost modeled as a function of the size of processed message components. We model not only the size of regular message components but also the size of ciphertext produced by various cryptographic operations. We illustrate the applicability of our method by comparatively analyzing the performance of the original CCITT X.509 protocol and a slightly modified version of the same protocol.
    Full-text · Conference Paper · Sep 2008
  • Source

    Full-text · Article ·