A Calculus for Secure Channel Establishment in Open Networks
Ueli Maurer and Pierre Schmid
This paper presents a calculus of channel security properties which allows to analyze and compare protocols for establishing secure channels in an insecure open network at a high level of abstraction. A channel is characterized by its direction, time of availability and its security properties. Cryptographic primitives and trust relations are interpreted as transformations for channel security properties, and cryptographic protocols can be viewe d as combinations of such transformations. A protocol thus allows to transform a set of secure channels established during an initial setup phase, togeth er with a set of insecure channels available during operation of the system, into the set of secure channels specified by the security requirements. The necessary and sufficient requirements for establishing a secure channel between two entities are characterized in terms of secure channels to be made ava ilable during the initial setup phase and in terms of trust relations between users and/or between users and trusted authorities.