Secure distribution of open source information

Abstract

Cryptographic protocols provide security services through the application of cryptography. When designing a cryptographic protocol, the requirements are, often, specified informally. Informal specification can lead to incorrect protocols from misinterpreting the security requirements and environmental assumptions. Formal tools have been shown to reduce ambiguity. In this paper, a cryptographic protocol, called the Secure Open Distribution Protocol (SODP), is developed to provide authentication services for open source information. A formal development process is proposed to aid in the design of the SODP. The Strand Space method has been selected as the formal mechanism for specifying requirements, architecting a protocol design, and assuring the correctness of the protocol. First, the informal authentication requirements are modeled as agreement properties. Next, Authentication Tests, a Strand Space concept, are introduced to aid in the design of the SODP. Finally, a formal proof is constructed to assure that the SODP has satisfied all requirements. The result of the development process proposed in this paper is a cryptographic protocol that can be used to securely distribute open source information. Also, the Strand Space method is demonstrated as a viable option for the formal development of a cryptographic protocol.