Abstract
This paper reports on two case-studies of applying BAN logic to industrial strength security protocols. These studies demonstrate the flexibility of the BAN language, as it caters for the addition of appropriate constructs and rules. We argue that, although a semantical foundation of the formalism is lacking, BAN logic provides an intuitive and powerful technique for security analysis.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
M. Abadi and M. Tuttle, A Semantics for a Logic of Authentication, in Proceedings of the ACM Symposium on Principles of Distributed Computing, p. 201–216, 1991.
N. Agray, The BAN Approach to Formal Verification: Authentication in GSM and SET, Master Thesis, Utrecht University Number INF/SCR-01-09 and KPN Research, Leidschendam (2001).
A. Bleeker and L. Meertens, A Semantics for BAN Logic, Proc. DIMACS workshop on Design and Formal Verification of Protocols, 1997, http://dimacs.rutgers.edu/Workshops/Security/program2/program.html.
M. Burrows, M. Abadi and R. Needham, A Logic of Authentication, ACM Transactions on Computer Systems, vol. 8, p. 18–36, 1990.
H. van Ditmarsch, Knowledge Games. PhD. thesis, Groningen, 2000, available at http://tcw2.ppsw.rug.nl/~hans.
R. Fagin, J.Y. Halpern, Y. Moses and M.Y. Vardi, Reasoning About Knowledge, MIT Press, 1995.
M. Fasli, On Commitments, Roles and Obligations. This volume.
M. Fitting and R. Mendelsohn, First order modal logic, Kluwer, 1998.
L. Gong, R. Needham and R. Yahalom, Reasoning about Belief in Cryptographic Protocol Analysis, Proc. IEEE Symp. on Research in Security and Privacy, p. 234–248, 1990.
H. Gunnar, GSM Networks: Protocols, Terminology, and Implementations, Artech House 1999.
J.Y. Halpern and L.D. Zuck, A Little Knowledge Goes a Long Way: Simple Knowledge-Based Derivations and Correctness Proofs for a Family of Protocols, Proc. 6th ACM Symp. on Principles of Distributed Computing, 1987, p. 268–280.
J.-J.Ch. Meyer and W. van der Hoek, Epistemic Logic for AI and Computer Science, Cambridge University Press, 1995.
F. Stulp and R. Verbrugge, A knowledge-based algorithm for the Internet protocol TCP, to appear in the Bulletin of Economic Research, 2001. Also at http://tcw2.ppsw.rug.nl/prepublications
P. Syverson, The Use of Logic in the Analysis of Cryptographic Protocols, in Proc. IEEE Symp. on Research in Security and Privacy, 1991.
G. Wedel and V. Kessler, Formal Semantics for Authentication Logics, Proc. ESORICS’96, p. 219–241, 1996.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Agray, N., van der Hoek, W., de Vink, E. (2002). On BAN Logics for Industrial Security Protocols. In: Dunin-Keplicz, B., Nawarecki, E. (eds) From Theory to Practice in Multi-Agent Systems. CEEMAS 2001. Lecture Notes in Computer Science(), vol 2296. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45941-3_3
Download citation
DOI: https://doi.org/10.1007/3-540-45941-3_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43370-5
Online ISBN: 978-3-540-45941-5
eBook Packages: Springer Book Archive