A Logic of Authentication
Author(s): Michael Burrows, Martin Abadi, Roger M. Needham

Date: December 1989
Publication: Proceedings of the 12th ACM Symposium on Operating System Principles
Publisher: ACM
Source 1: http://citeseer.ist.psu.edu/burrows90logic.html
Source 2: http://guir.cs.berkeley.edu/projects/osprelims/papers/logicofauth.ps.gz

Questions of belief are essential in analyzing protocols for the authentication of principals in distributed computing systems. In this paper we motivate, set out, and exemplify a logic specifically designed for this analysis; we show how various protocols differ subtly with respect to the required initial assumptions of the participant and their final beliefs. Our formalism has enabled us to isolate and express these differences with a precision of which we and their authors were previously unaware, and allowed us to suggest improvements to the protocols. The reasoning about some protocols has been mechanically verified.

This paper starts with an information account of the problem, goes on to explain the formalism to be used, and gives examples of its application to protocols from the literature, both with shared-key cryptography and with public-key cryptography. Some of the examples are chosen because of their practical importance, while others serve to illustrate subtle points of the logic and to explain how we use it. We discuss extensions of the logic motivated by actual practice -- for example, in order to account for the use of hash functions in signatures. The final sections contain a formal semantics of the logic and some conclusions.

Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com