# Security protocol notation

﻿
Security protocol notation

Security (engineering) protocol notation is a way of expressing a protocol of correspondence between entities of a dynamic system, such as a computer network. In the context of a formal model, it allows reasoning about the properties of such a system.

The standard notation consists of a set of individuals (traditionally named Alice, Bob, Charlie, and so on) who wish to communicate. They may have access to a server S, shared keys K, timestamps T, and can generate nonces N for authentication purposes.

A simple example might be the following:

:$A ightarrow B:\left\{X_1\right\}_\left\{K_\left\{AB$

This states that Alice intends a message for Bob consisting of a plain text $X_1$ encrypted under shared key KAB.

Another example might be the following:

:$B ightarrow A:\left\{N_B\right\}_\left\{PK\left(A\right)\right\}$

This states that Bob intends a message for Alice consisting of a Nonce encrypted using public key of Alice.

A key with two subscripts is a symmetric key shared by the two corresponding individuals. A key with one subscript is the public key of the corresponding individual. A private key is represented as the inverse of the public key.

The notation specifies only the operation and not its semantics &mdash; for instance, public key encryption and signature are represented identically.

We can express more complicated protocols in such a fashion. See Kerberos as an example.

Several models exist to reason about security protocols in this way, one of which is BAN logic.

Wikimedia Foundation. 2010.