Verification of A Key Chain Based TTP Transparent CEM Protocol

In certified email (CEM) protocols, TTP transparency is an important security requirement which helps to avoid bad publicity as well as protecting individual usersʼ privacy. Recently we have extended the CEM protocol of Cederquist et al. to satisfy TTP transparency. As a continuation, in this paper, we formally verify the security requirement in the exteded protocol. The properties of fairness, effectiveness and timeliness are checked in the model checker Mocha, and TTP transparency is analysed in the toolsets μCRL and CADP. The results confirm that our proposed extension achieves our design goals.