학술논문
Equational Approach to Formal Analysis of TLS
Document Type
Conference
Author
Source
25th IEEE International Conference on Distributed Computing Systems (ICDCS'05) Distributed Computing Systems, 2005. ICDCS 2005. Proceedings. 25th IEEE International Conference on. :795-804 2005
Subject
Language
ISSN
1063-6927
Abstract
TLS has been formally analyzed with the OTS/CafeOBJ method. In the method, distributed systems are modeled as transition systems, which are written in terms of equations, and it is verified that the models have properties by means of equational reasoning. TLS is the latest version, or the successor of SSL, which is probably the most widely deployed security protocol. Among the results of the analysis are that pre-master secrets cannot be leaked, when a client has negotiated a cipher suite and security parameters with a server, the server has really agreed on them, and client cannot be identified if they do not send their certificates to servers.