Types and effects for asymmetric cryptographic protocols

Andy Gordon

(Microsoft Research, Cambridge)

Joint work with Alan Jeffrey, DePaul University.

We present the first type and effect system for proving authenticity properties of security protocols based on asymmetric cryptography. The most significant new features of our type system are: (1) a separation of public types (for data possibly sent to the opponent) from tainted types (for data possibly received from the opponent) via a subtype relation; (2) trust effects, to guarantee that tainted data does not, in fact, originate from the opponent; and (3) challenge/response types to support a variety of idioms used to guarantee message freshness. We illustrate the applicability of our system via protocol examples.
Tuesday 11th June 2002, 14:00
Robert Recorde Room
Department of Computer Science