Skip to main content
Journal ArticleOPEN ACCESS

On BAN logic and hash functions or: How an unjustified inference rule causes problems

Autonomous Agents and Multi-Agent Systems (2009) 19(1) 76-88
DOI: 10.1007/s10458-008-9063-8
13Citations
Citations of this article
23Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

BAN logic, an epistemic logic for analyzing security protocols, contains an unjustifiable inference rule. The inference rule assumes that possession of H(X) (i.e., the cryptographic hash value of X) counts as a proof of possession of X, which is not the case. As a result, BAN logic exhibits a problematic property, which is similar to unsoundness, but not strictly equivalent to it. We will call this property 'unsoundness' (with quotes). The property is demonstrated using a specially crafted protocol, the two parrots protocol. The 'unsoundness' is proven using the partial semantics which is given for BAN logic. Because of the questionable character of the semantics of BAN logic, we also provide an alternative proof of 'unsoundness' which we consider more important.

Author supplied keywords

Cite

CITATION STYLE

APA

Teepe, W. (2009). On BAN logic and hash functions or: How an unjustified inference rule causes problems. Autonomous Agents and Multi-Agent Systems, 19(1), 76–88. https://doi.org/10.1007/s10458-008-9063-8

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free