A Calculus for Security Bootstrapping in Distributed Systems
Ueli Maurer and Pierre Schmid
A calculus of channel security properties is presented which allows protocols for establishing secure channels in a distributed open system to be analyzed and compared at a high level of abstraction. A channel is characterized by its direction, its time of availability and its security properties. Cryptographic primitives as well as trust relations are interpreted as transformations for channel security properties, and a cryptographic protocol can be viewed as a sequence of such transformations. A protocol thus makes it possible to transform a set of secure channels established during an initial setup phase, together with a set of insecure channels available during operation of the system, into the set of secure channels specified by the security requirements. The necessary and sufficient requirements for establishing a secure channel between two entities are characterized in terms of secure channels to be made available during the initial setup phase and in terms of trust relations between users and/or between users and trusted third parties.
Keywords: Network security, Distributed systems, Key management, Cryptography, Security transformations, Formal models.
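
As an added illustration (not code or notation from the paper), the following Python example models the idea in the abstract: channels carry a direction, a time and security properties, each cryptographic primitive is a transformation on channels, and a protocol is whatever sequence of transformations reaches the required secure channel. The `authentic`/`confidential` flags and the three rules are a simplified encoding assumed here; trust relations are not modelled.

```python
from dataclasses import dataclass
from itertools import product

# Assumed, simplified encoding (not the paper's notation): a channel has a
# direction, a time of availability and two security properties.
@dataclass(frozen=True)
class Channel:
    src: str
    dst: str
    time: int
    authentic: bool = False     # only src can have sent on it
    confidential: bool = False  # only dst can read from it

def signature(k, d):
    # Verification key sent authentically src->dst earlier:
    # a later channel in the same direction becomes authentic.
    if k.authentic and k.time < d.time and (k.src, k.dst) == (d.src, d.dst):
        return Channel(d.src, d.dst, d.time, True, d.confidential)

def pk_encryption(k, d):
    # Public key sent authentically dst->src earlier:
    # a later channel src->dst becomes confidential.
    if k.authentic and k.time < d.time and (k.src, k.dst) == (d.dst, d.src):
        return Channel(d.src, d.dst, d.time, d.authentic, True)

def symmetric(k, d):
    # Shared key sent over an earlier authentic and confidential channel:
    # a later channel between the same pair gets both properties.
    if (k.authentic and k.confidential and k.time < d.time
            and {k.src, k.dst} == {d.src, d.dst}):
        return Channel(d.src, d.dst, d.time, True, True)

RULES = (signature, pk_encryption, symmetric)

def closure(channels):
    """Apply every transformation until no new channel can be derived."""
    known = set(channels)
    while True:
        new = {r(k, d) for r in RULES for k, d in product(known, known)} - known - {None}
        if not new:
            return known
        known |= new

def can_establish(setup, operation, src, dst, time):
    return Channel(src, dst, time, True, True) in closure(set(setup) | set(operation))

# Constructed scenario: setup phase at time 0, insecure channels at time 1.
OPERATION = [Channel("A", "B", 1), Channel("B", "A", 1)]
BOTH_KEYS = [Channel("A", "B", 0, authentic=True), Channel("B", "A", 0, authentic=True)]
ONLY_B_KEY = [Channel("B", "A", 0, authentic=True)]
```

With authentic setup channels in both directions, a channel that is both authentic and confidential can be derived at time 1; with only B's authentic setup channel, A to B becomes confidential and B to A authentic, but neither gets both properties.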