The thousand-and-one cryptographers

Annabelle McIver; Carroll Morgan

doi:10.3233/978-1-61499-977-5-137

The thousand-and-one cryptographers

Annabelle McIver, Carroll Morgan

School of Computing

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

Chaum's Dining Cryptographers protocol crystallises the essentials of security just as other famous diners once captured deadlock and livelock: it is a benchmark for security models and their associated verification methods.

Here we give a correctness proof of the Cryptographers in a new style, one in which stepwise refinement plays a prominent role. Furthermore, our proof applies to arbitrarily many Diners: to our knowledge we are only the second group to have done that.

The proof is based on the Shadow Security Model which integrates non-interference and program refinement: with it, we try to make a case that stepwise development of security protocols is not only possible but actually is quite a good idea. It benefits from more than three decades' of experience of how layers of abstraction can both simplify the design process and make its outcomes more likely to be correct.

Original language	English
Title of host publication	Engineering Secure and Dependable Software Systems
Editors	Alexander Pretschner, Peter Müller, Patrick Stöckle
Place of Publication	Amsterdam
Publisher	IOS Press
Chapter	8
Pages	137-162
Number of pages	26
ISBN (Electronic)	9781614999775
ISBN (Print)	9781614999768
DOIs	https://doi.org/10.3233/978-1-61499-977-5-137
Publication status	Published - 2019

Publication series

Name	NATO Science for Peace and Security Series. Sub-Series D: Information and Communication Security
Volume	53
ISSN (Print)	1874-6268
ISSN (Electronic)	1879-8292

Access to Document

10.3233/978-1-61499-977-5-137

Cite this

@inbook{d57f77bef4b54e0298a7ce6965abfdc5,

title = "The thousand-and-one cryptographers",

abstract = "Chaum's Dining Cryptographers protocol crystallises the essentials of security just as other famous diners once captured deadlock and livelock: it is a benchmark for security models and their associated verification methods.Here we give a correctness proof of the Cryptographers in a new style, one in which stepwise refinement plays a prominent role. Furthermore, our proof applies to arbitrarily many Diners: to our knowledge we are only the second group to have done that.The proof is based on the Shadow Security Model which integrates non-interference and program refinement: with it, we try to make a case that stepwise development of security protocols is not only possible but actually is quite a good idea. It benefits from more than three decades' of experience of how layers of abstraction can both simplify the design process and make its outcomes more likely to be correct.",

author = "Annabelle McIver and Carroll Morgan",

year = "2019",

doi = "10.3233/978-1-61499-977-5-137",

language = "English",

isbn = "9781614999768",

series = "NATO Science for Peace and Security Series. Sub-Series D: Information and Communication Security",

publisher = "IOS Press",

pages = "137--162",

editor = "Alexander Pretschner and Peter M{\"u}ller and Patrick St{\"o}ckle",

booktitle = "Engineering Secure and Dependable Software Systems",

address = "Netherlands",

}

The thousand-and-one cryptographers. / McIver, Annabelle; Morgan, Carroll.
Engineering Secure and Dependable Software Systems. ed. / Alexander Pretschner; Peter Müller; Patrick Stöckle. Amsterdam: IOS Press, 2019. p. 137-162 (NATO Science for Peace and Security Series. Sub-Series D: Information and Communication Security; Vol. 53).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

TY - CHAP

T1 - The thousand-and-one cryptographers

AU - McIver, Annabelle

AU - Morgan, Carroll

PY - 2019

Y1 - 2019

N2 - Chaum's Dining Cryptographers protocol crystallises the essentials of security just as other famous diners once captured deadlock and livelock: it is a benchmark for security models and their associated verification methods.Here we give a correctness proof of the Cryptographers in a new style, one in which stepwise refinement plays a prominent role. Furthermore, our proof applies to arbitrarily many Diners: to our knowledge we are only the second group to have done that.The proof is based on the Shadow Security Model which integrates non-interference and program refinement: with it, we try to make a case that stepwise development of security protocols is not only possible but actually is quite a good idea. It benefits from more than three decades' of experience of how layers of abstraction can both simplify the design process and make its outcomes more likely to be correct.

AB - Chaum's Dining Cryptographers protocol crystallises the essentials of security just as other famous diners once captured deadlock and livelock: it is a benchmark for security models and their associated verification methods.Here we give a correctness proof of the Cryptographers in a new style, one in which stepwise refinement plays a prominent role. Furthermore, our proof applies to arbitrarily many Diners: to our knowledge we are only the second group to have done that.The proof is based on the Shadow Security Model which integrates non-interference and program refinement: with it, we try to make a case that stepwise development of security protocols is not only possible but actually is quite a good idea. It benefits from more than three decades' of experience of how layers of abstraction can both simplify the design process and make its outcomes more likely to be correct.

U2 - 10.3233/978-1-61499-977-5-137

DO - 10.3233/978-1-61499-977-5-137

M3 - Chapter

SN - 9781614999768

T3 - NATO Science for Peace and Security Series. Sub-Series D: Information and Communication Security

SP - 137

EP - 162

BT - Engineering Secure and Dependable Software Systems

A2 - Pretschner, Alexander

A2 - Müller, Peter

A2 - Stöckle, Patrick

PB - IOS Press

CY - Amsterdam

ER -

The thousand-and-one cryptographers

Abstract

Publication series

Access to Document

Fingerprint

Cite this