Implementing Security Protocol Monitors
This paper addresses security vulnerabilities in cryptographic protocols for users and developers, though its contribution appears incremental because it builds on existing narration-based specifications.
The paper tackles the problem of securing cryptographic protocols by compiling attack narrations into tests that honest participants can perform to exclude malicious executions, enabling the implementation of monitors to protect existing implementations from rogue behavior.
Cryptographic protocols are often specified by narrations, i.e., finite sequences of message exchanges that show the intended execution of the protocol. Another use of narrations is to describe attacks. We propose in this paper to compile, when possible, attack-describing narrations into a set of tests that honest participants can perform to exclude these executions. These tests can be implemented in monitors to protect existing implementations from rogue behaviour.