We present a methodology to facilitate the design and analysis of secure cryptographic protocols. We advocate the general approach, and a new avenue for research, of restricting protocol designs to well-defined practices, instead of ever increasing the complexity of protocol security analysis mechanisms to deal with every newly discovered attack and the endless variations in protocol construction. In particular, we propose a novel notion of a fail-stop protocol, which automatically halts in response to any active attack that interferes with protocol execution, thus reducing protocol security analysis to that of passive attacks only. We suggest types of protocols that are fail-stop, outline some proof techniques for them, and use examples to illustrate how the notion of a fail-stop protocol can make protocol design easier and can provide a more solid basis for some available protocol analysis methods.

Click Here to download this article