Abstract
Deniel of service is becoming a growing concern. As our systems communicate more and more with others that we know less and less, they become increasingly vulnerable to hostile intruders who may take advantage of the very protocols intended for the establishment and authentication of communication to tie up our resources and disable our servers. Since these attacks occur before parties are authenticated to each other, we cannot rely upon enforcement of the appropriate access control policy to protect us (as is recommended in the classic work of Gligor and Millen in [5, 18, 19]). Instead we must build our defenses, as much as possible, into the protocols themselves. This paper shows how some principles that have already been used to make protocols more resistent to deniel of service can be formalized, and indicates the ways in which existing cryptographic protocol analysis tools could be moidified to operate within this formal framework.
