|Title||Efficient Detection of Failure Modes in Electronic Commerce Protocols|
|Publication Type||Conference Paper|
|Year of Publication||1999|
|Authors||S. Gurgens, J. Lopez, and R. Peralta|
|Conference Name||IEEE International Workshop on Electronic Commerce and Security|
|Conference Location||Florence, Italy|
The design of key distribution and authentication protocols has been shown to be error-prone. These protocols constitute the part of more complex protocols used for electronic commerce transactions. Consequently, these new protocols are likely to contain flaws that are even more difficult to find. In this paper, we present a search method for detecting potential security flaws in such protocols. Our method relies on automatic theorem proving tools. Among others we present our analysis of a protocol recently standardized by the German standardization organization DIN to be used in digital signature applications for smartcards. Our analysis resulted in the standard being supplemented with comments that explain the possible use of cryptographic keys.