A hierarchy of authentication specifications

Many security protocols have the aim of authenticating one agent to another. Yet there is no clear consensus in the academic literature about precisely what ''authentication'' means. In this paper we suggest that the appropriate authentication requirement will depend upon the use to which the protocol is pur, and identify several possible definitions of ''authentication''. We formalize each definition using the process algebra CSP, use this formalism to study their relative strengths, and show how the model checker FDR can be used to test whether a system running the protocol meets such a specification.