Visible to the public Measuring Protocol Strength with Security Goals

Flaws in published standards for security protocols are found regularly, often after systems implementing those standards have been deployed. Because of deployment constraints and disagreements among stakeholders, different fixes may be proposed and debated. In this process, security improvements must be balanced with issues of functionality and compatibility.

We provide a family of rigorous metrics for protocol security improvements. These metrics are sets of first order formulas in a goal language GL (II) associated with a protocol. The semantics of GL (II) is compatible with many ways to analyze protocols, and some metrics in this family are supported by many protocol analysis tools. Other metrics are supported by our Cryptographic Protocol Shapes Analyzer CPSA.

This family of metrics refines several "hierarchies" of security goals in the literature. Our metrics are applicable even when, to mitigate a flaw, participants must enforce policies that constrain protocol execution. We recommend that protocols submitted to standards groups characterize their goals using formulas in GL (II), and that discussions comparing alternative protocol refinements measure their security in these terms.

Dr. Paul D. Rowe is a Lead Cybersecurity Researcher at The MITRE Corporation. His research interests include cryptographic protocol analysis, Trusted Computing, cyber resiliency and formal methods for modeling and verification. He is a key contributor to MITRE's protocol analysis tool, the Cryptographic Protocol Shapes Analyzer (CPSA), with applications ranging from key management systems for small unmanned aviation systems (SUAS) to the trust infrastructure of emerging vehicle-to-vehicle communications. He received his PhD in mathematics from the University of Pennsylvania.

Creative Commons Attribution-NonCommercial 3.0

Other available formats:

Measuring Protocol Strength with Security Goals
Switch to experimental viewer