25Haz
What is different between SVO logic versus BAN logic?
While reading about authentication protocols, I saw on Wikipedia on Burrows-Abadi-Needham logic:
In some cases a protocol was reasoned as secure by the BAN analysis but were in fact insecure.[3] This has led to the abandonment of BAN-family logics in favor of proof methods based on standard invariance reasoning.[citation needed]
Then in this paper by Syverson I see:
In response to this diversity, Syverson and van Oorschot devised a logic, SVO, that was intended to unify the above predecessors [SvO94, SvO96]
This is fairly technical material -- is there a more layman-level simple description of how the SVO logic improves upon BAN? I am also wondering to what extent the BAN-based logic is actually really "abandoned" in computer security.
