A Hierarchy of Authentication Specifications (1997)
Citations: 156 - 4 self
BibTeX
@INPROCEEDINGS{Lowe97ahierarchy,
author = {Gavin Lowe},
title = {A Hierarchy of Authentication Specifications},
booktitle = {},
year = {1997},
pages = {31--43},
publisher = {IEEE Computer Society Press}
}
Abstract
Many security protocols have the aim of authenticating one agent to another. Yet there is no clear consensus in the academic literature about precisely what "authentication" means. In this paper we suggest that the appropriate authentication requirement will depend upon the use to which the protocol is put, and identify several possible definitions of "authentication". We formalize each definition using the process algebra CSP, use this formalism to study their relative strengths, and show how the model checker FDR can be used to test whether a system running the protocol meets such a specification.

1 Introduction
Many security protocols have appeared in the academic literature; these protocols often have the aim of achieving authentication, i.e., one agent should become sure of the identity of the other. The protocols are designed to succeed even in the presence of a malicious agent, called an intruder, who has complete control over the communications network, and so can intercept ...







