Abstract

The concept of ceremony as an extension to network and security protocols was introduced by Ellison. No methods or tools to check correctness or the properties in such ceremonies are currently available. The applications for security ceremonies are vast and ll gaps left by strong assumptions in security protocols, like provisioning of cryptographic keys or correct human interaction. Moreover, no tools are available to check how knowledge is distributed among human peers and in their interaction with other humans and computers in these scenarios. The key component in this paper is the formalisation of human knowledge distribution in security ceremonies. By properly enlisting human expectations and interactions in security protocols, we can minimise the ill-described assumptions we usually see failing. Taking such issues into account when designing or verifying protocols can help us to better understand where protocols are more prone to break due to human constraints.