Epistemic verification of anonymity

J. Eijck, van; S.M. Orzan

doi:10.1016/j.entcs.2006.08.026

Epistemic verification of anonymity

J. Eijck, van, S.M. Orzan

Formal System Analysis

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

29 Citations (Scopus)

1 Downloads (Pure)

Abstract

Anonymity is not a trace-based property, therefore traditional model checkers are not directly able to express it and verify it. However, by using epistemic logic (logic of knowledge) to model the protocols, anonymity becomes an easily verifiable epistemic formula. We propose using Dynamic Epistemic Logic to model security protocols and properties, in particular anonymity properties. We have built tool support for DEL verification which reuses state-of-the-art tool support for automata-based verification. We illustrate this approach by analyzing an anonymous broadcast protocol and an electronic voting protocol. By comparison with a process-based analysis of the same protocols, we also discuss the relative (dis)advantages of the process-based and epistemic-based verification methods in general.

Original language	English
Title of host publication	Proceedings Second International Workshop on Views on Designing Complex Architectures (VODCA 2006) 16-17 September 2006, Bertinoro, Italy
Editors	F. Gadducci
Pages	159-174
DOIs	https://doi.org/10.1016/j.entcs.2006.08.026
Publication status	Published - 2007
Event	conference; VODCA 2006, Bertinoro, Italy; 2007-09-16; 2007-09-17 - Duration: 16 Sept 2007 → 17 Sept 2007

Publication series

Name	Electronic Notes in Theoretical Computer Science
Volume	168
ISSN (Print)	1571-0061

Conference

Conference	conference; VODCA 2006, Bertinoro, Italy; 2007-09-16; 2007-09-17
Period	16/09/07 → 17/09/07
Other	VODCA 2006, Bertinoro, Italy

Access to Document

10.1016/j.entcs.2006.08.026

Cite this

@inproceedings{d0936db239ae4cc5bf917b6f8f6e9885,

title = "Epistemic verification of anonymity",

abstract = "Anonymity is not a trace-based property, therefore traditional model checkers are not directly able to express it and verify it. However, by using epistemic logic (logic of knowledge) to model the protocols, anonymity becomes an easily verifiable epistemic formula. We propose using Dynamic Epistemic Logic to model security protocols and properties, in particular anonymity properties. We have built tool support for DEL verification which reuses state-of-the-art tool support for automata-based verification. We illustrate this approach by analyzing an anonymous broadcast protocol and an electronic voting protocol. By comparison with a process-based analysis of the same protocols, we also discuss the relative (dis)advantages of the process-based and epistemic-based verification methods in general.",

author = "{Eijck, van}, J. and S.M. Orzan",

year = "2007",

doi = "10.1016/j.entcs.2006.08.026",

language = "English",

series = "Electronic Notes in Theoretical Computer Science",

pages = "159--174",

editor = "F. Gadducci",

booktitle = "Proceedings Second International Workshop on Views on Designing Complex Architectures (VODCA 2006) 16-17 September 2006, Bertinoro, Italy",

note = "conference; VODCA 2006, Bertinoro, Italy; 2007-09-16; 2007-09-17 ; Conference date: 16-09-2007 Through 17-09-2007",

}

Eijck, van, J & Orzan, SM 2007, Epistemic verification of anonymity. in F Gadducci (ed.), Proceedings Second International Workshop on Views on Designing Complex Architectures (VODCA 2006) 16-17 September 2006, Bertinoro, Italy. Electronic Notes in Theoretical Computer Science, vol. 168, pp. 159-174, conference; VODCA 2006, Bertinoro, Italy; 2007-09-16; 2007-09-17, 16/09/07. https://doi.org/10.1016/j.entcs.2006.08.026

Epistemic verification of anonymity. / Eijck, van, J.; Orzan, S.M.
Proceedings Second International Workshop on Views on Designing Complex Architectures (VODCA 2006) 16-17 September 2006, Bertinoro, Italy. ed. / F. Gadducci. 2007. p. 159-174 (Electronic Notes in Theoretical Computer Science; Vol. 168).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Epistemic verification of anonymity

AU - Eijck, van, J.

AU - Orzan, S.M.

PY - 2007

Y1 - 2007

N2 - Anonymity is not a trace-based property, therefore traditional model checkers are not directly able to express it and verify it. However, by using epistemic logic (logic of knowledge) to model the protocols, anonymity becomes an easily verifiable epistemic formula. We propose using Dynamic Epistemic Logic to model security protocols and properties, in particular anonymity properties. We have built tool support for DEL verification which reuses state-of-the-art tool support for automata-based verification. We illustrate this approach by analyzing an anonymous broadcast protocol and an electronic voting protocol. By comparison with a process-based analysis of the same protocols, we also discuss the relative (dis)advantages of the process-based and epistemic-based verification methods in general.

AB - Anonymity is not a trace-based property, therefore traditional model checkers are not directly able to express it and verify it. However, by using epistemic logic (logic of knowledge) to model the protocols, anonymity becomes an easily verifiable epistemic formula. We propose using Dynamic Epistemic Logic to model security protocols and properties, in particular anonymity properties. We have built tool support for DEL verification which reuses state-of-the-art tool support for automata-based verification. We illustrate this approach by analyzing an anonymous broadcast protocol and an electronic voting protocol. By comparison with a process-based analysis of the same protocols, we also discuss the relative (dis)advantages of the process-based and epistemic-based verification methods in general.

U2 - 10.1016/j.entcs.2006.08.026

DO - 10.1016/j.entcs.2006.08.026

M3 - Conference contribution

T3 - Electronic Notes in Theoretical Computer Science

SP - 159

EP - 174

BT - Proceedings Second International Workshop on Views on Designing Complex Architectures (VODCA 2006) 16-17 September 2006, Bertinoro, Italy

A2 - Gadducci, F.

T2 - conference; VODCA 2006, Bertinoro, Italy; 2007-09-16; 2007-09-17

Y2 - 16 September 2007 through 17 September 2007

ER -

Epistemic verification of anonymity

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this