Stateful Protocol Composition and Typing

By Andreas V. Hess, Sebastian Mödersheim, and Achim D. Brucker.

We provide in this AFP entry several relative soundness results for security protocols. In particular, we prove typing and compositionality results for stateful protocols (i.e., protocols with mutable state that may span several sessions), focusing on reachability properties. Such results are useful to simplify protocol verification by reducing it to a simpler problem: typing results give conditions under which it is safe to verify a protocol in a typed model where only "well-typed" attacks can occur, whereas compositionality results allow us to verify a composed protocol by only verifying the component protocols in isolation. The conditions on the protocols under which the results hold are furthermore syntactic in nature, allowing for full automation. The foundation presented here is used in another entry to provide fully automated and formalized security proofs of stateful protocols.

Please cite this work as follows:
A. V. Hess, S. Mödersheim, and A. D. Brucker, “Stateful protocol composition and typing,” Archive of Formal Proofs, Apr. 2020. https://www.isa-afp.org/entries/Stateful_Protocol_Composition_and_Typing.html, Formal proof development. Author copy: http://logicalhacking.com/publications/hess.ea-stateful-2020/

BibTeX
@Article{ hess.ea:stateful:2020,
  author    = {Andreas V. Hess and Sebastian M{\"o}dersheim and Achim D.
               Brucker},
  title     = {Stateful Protocol Composition and Typing},
  journal   = {Archive of Formal Proofs},
  month     = {apr},
  year      = {2020},
  date      = {2020-04-08},
  note      = {\url{https://www.isa-afp.org/entries/Stateful_Protocol_Composition_and_Typing.html},
               Formal proof development.
               Author copy: \url{http://logicalhacking.com/publications/hess.ea-stateful-2020/}},
  issn      = {2150-914x},
  abstract  = {We provide in this AFP entry several relative soundness
               results for security protocols. In particular, we prove typing
               and compositionality results for stateful protocols (i.e.,
               protocols with mutable state that may span several sessions),
               focusing on reachability properties. Such results are
               useful to simplify protocol verification by reducing it to a
               simpler problem: typing results give conditions under which it
               is safe to verify a protocol in a typed model where only
               "well-typed" attacks can occur, whereas compositionality
               results allow us to verify a composed protocol by only
               verifying the component protocols in isolation. The conditions
               on the protocols under which the results hold are furthermore
               syntactic in nature, allowing for full automation. The
               foundation presented here is used in another entry to provide
               fully automated and formalized security proofs of stateful
               protocols.},
  filelabel = {Outline},
  file      = {download/2020/hess.ea-stateful-outline-2020.pdf},
  areas     = {formal methods, security},
}