A lesson on authentication protocol design
ACM SIGOPS Operating Systems Review
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Strand spaces: proving security protocols correct
Journal of Computer Security
Inductive methods and contract-signing protocols
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Authentication tests and the structure of bundles
Theoretical Computer Science
Security Goals: Packet Trajectories and Strand Spaces
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
A Simple Logic for Authentication Protocol Design
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Athena: a New Efficient Automatic Checker for Security Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Types and Effects for Asymmetric Cryptographic Protocols
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Game Analysis of Abuse-free Contract Signing
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Authenticity by Typing for Security Protocols
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Prudent Engineering Practice for Cryptographic Protocols
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
The faithfulness of abstract protocol analysis: message authentication
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
Analysing protocols subject to guessing attacks
Journal of Computer Security - Special issue on WITS'02
Posets and protocols-picking the right three-party protocol
IEEE Journal on Selected Areas in Communications
Attestation: Evidence and Trust
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Automatic Methods for Analyzing Non-repudiation Protocols with an Active Intruder
Formal Aspects in Security and Trust
How to do things with cryptographic protocols
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Trusted multiplexing of cryptographic protocols
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Security protocol analysis with improved authentication tests
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Security goals and protocol transformations
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
Efficient construction of machine-checked symbolic protocol security proofs
Journal of Computer Security
Hi-index | 0.00 |
We describe a protocol design process, and illustrate its use by creating ATSPECT, an Authentication Test-based Secure Protocol for Electronic Commerce Transactions. The design process is organized around the authentication tests, a method for protocol verification based on the strand space theory. The authentication tests dictate how randomly generated values such as nonces may be combined with encryption to achieve authentication and freshness. ATSPECT offers functionality and security guarantees akin to the purchase request, payment authorization, and payment capture phases of SET, the secure electronic transaction standard created by the major credit card firms.