Security protocol notation

In cryptography, security (engineering) protocol notation, also known as protocol narrations[1] and Alice & Bob notation, is a way of expressing a protocol of correspondence between entities of a dynamic system, such as a computer network. In the context of a formal model, it allows reasoning about the properties of such a system.

The standard notation consists of a set of principals (traditionally named Alice, Bob, Charlie, and so on) who wish to communicate. They may have access to a server S, shared keys K, timestamps T, and can generate nonces N for authentication purposes.

A simple example might be the following:

This states that Alice intends a message for Bob consisting of a plaintext X encrypted under shared key KA,B.

Another example might be the following:

This states that Bob intends a message for Alice consisting of a nonce NB encrypted using public key of Alice.

A key with two subscripts, KA,B, is a symmetric key shared by the two corresponding individuals. A key with one subscript, KA, is the public key of the corresponding individual. A private key is represented as the inverse of the public key.

The notation specifies only the operation and not its semantics — for instance, private key encryption and signature are represented identically.

We can express more complicated protocols in such a fashion. See Kerberos as an example. Some sources refer to this notation as Kerberos Notation.[2] Some authors consider the notation used by Steiner, Neuman, & Schiller[3] as a notable reference.[4]

Several models exist to reason about security protocols in this way, one of which is BAN logic.

Security protocol notation inspired many of the programming languages used in choreographic programming.

References

  1. ^ Briais, Sébastien; Nestmann, Uwe (2005). "A Formal Semantics for Protocol Narrations" (PDF). Trustworthy Global Computing. Lecture Notes in Computer Science. Vol. 3705. pp. 163–181. Bibcode:2005LNCS.3705..163B. doi:10.1007/11580850_10. ISBN 978-3-540-30007-6.
  2. ^ Chappell, David (1999). "Exploring Kerberos, the Protocol for Distributed Security in Windows 2000". Microsoft Systems Journal. Archived from the original on 2017-08-15.
  3. ^ Steiner, J. G.; Neuman, B. C.; Schiller, J. I. (February 1988). "Kerberos: An Authentication Service for Open Network Systems" (PDF). Proceedings of the Winter 1988 Usenix Conference. Usenix. Berkeley, CA: USENIX Association. pp. 191–201. Archived from the original (PDF) on 2010-08-06. Retrieved 2009-06-10.
  4. ^ Davis, Don; Swick, Ralph (1989-03-17). Workstation Services and Kerberos Authentication at Project Athena (PS). p. 1. Retrieved 2009-06-10. …our notation follows Steiner, Neuman, & Schiller,…


Stub icon

This cryptography-related article is a stub. You can help Wikipedia by adding missing information.

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.