Operational semantics and verification of security protocols. (Q610283)

Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. The authors present a methodology for formally describing security protocols and their environment. This methodology includes a model for describing protocols, an execution model, and the intruder model. The models are extended with a number of well-defined security properties, which capture the notions or correct protocols, and secrecy of data. The methodology can be used to prove that protocols satisfy these properties. Based on the model a tool set called Scyther has been developed that can automatically find attacks on security protocols or prove their correctness. Case studies show the application of the methodology as well as the effectiveness of the analysis tool. The methodology's strong mathematical basis, the strong separation of concerns in the model, and the accompanying tool set make this book suited both for researchers and graduate students of information security and for advanced professionals designing critical security protocols.