Abstract
Electronic transaction protocols have been found with subtle flaws. Recently, model checking has been used to verify electronic transaction protocols for the limitations of low efficiency and error prone in the traditional approaches. This paper proposes an extendable verification model to especially validate electronic transaction protocols. In particular, the verification model is able to deal with the inconsistency in transmitted messages. Thus, we can measure the incoherence in secure messages coming from different sources and at different moments and ensure the validity of verification result. We analyze two instances by using this model. The analyses uncover some subtle flaws in the protocols.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Burrows, M., Abadi, M., Needham, R.: A logic for Authentication. ACM Transactions on Computer Systems 8(1), 18–36 (1990)
Heintze, N., Tygar, J., Wing, J., Wong, H.: Model Checking Electronic Commerce Protocols. In: Proceeding of the 2nd USENIX Workshop on Electronic Commerce (November 1996)
Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Tools and Algorithms for the Construction and Analysis of Systems: Second International Workshop, TACAs’96, pp. 147–166 (March 1996)
Chen, Q., Zhang, C., Zhang, S.: ENDL: A Logical Framework for Verifying Secure Transaction Protocols. Knowledge and Information Systems, an International Journal by Springer (accepted)
Hunter, A.: Measuring inconsistency in knowledge via quasi-classical models. In: Proceedings of the 18th National Conference on Artificial Intelligence (AAAI 2002), pp. 68–73. MIT Press, Cambridge (2002)
SET Secure Electronic Transaction Specification, Book 1: Business Description, Version 1.0, May 31 (1997)
Needham, R., Schroeder, M.: Using Encryption for Authentication in Large Networks of Computers. Comm. of the ACM 21(12), 993–999 (1978)
Denning, D., Sacco, G.: Timestamp in Key Distribution Protocols. Communications of ACM 24(8), 533–536 (1981)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, Q., Zhang, C., Zhang, S. (2004). A Verification Model for Electronic Transaction Protocols. In: Yu, J.X., Lin, X., Lu, H., Zhang, Y. (eds) Advanced Web Technologies and Applications. APWeb 2004. Lecture Notes in Computer Science, vol 3007. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24655-8_90
Download citation
DOI: https://doi.org/10.1007/978-3-540-24655-8_90
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21371-0
Online ISBN: 978-3-540-24655-8
eBook Packages: Springer Book Archive