Security Protocols: An Information Flow Perspective

There has been a tremendous increase in the development and use of networked and distributed systems in the past three decades. Security protocols are small programs that aim at securing communications over a public network like the Internet. E-commerce is now an integral part of our daily lives, and security protocols play a major role in securing these transactions online. Protocols are commonly described using an informal notation that only gives an intended trace involving the honest principals. These protocol descriptions/narrations often leave many properties of a protocol unspecified. In particular, there is no way to determine the initial conditions or assumptions about shared information, nor can we see under what conditions the principals should respond to messages.

Design of protocols is in itself a challenging task, but is not the central theme of this talk. Rather, we argue that viewing a protocol as an exchange of information among the intended stakeholders of the system, and applying the concepts of information flow security for enriching the protocol specifications helps the designer to make his intentions explicit. We illustrate our approach using the Needham-Schroeder protocol as an example.