Communications of the ACM
Programming Perl (2nd ed.)
An approach to the formal verification of cryptographic protocols
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verifying Authentication Protocols in CSP
IEEE Transactions on Software Engineering
A calculus for cryptographic protocols
Information and Computation
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Strand spaces: proving security protocols correct
Journal of Computer Security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Athena: a novel approach to efficient automatic security protocol analysis
Journal of Computer Security
Analyzing security protocols with secrecy types and logic programs
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Theoretical Computer Science
Authentication tests and the structure of bundles
Theoretical Computer Science
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
From Secrecy to Authenticity in Security Protocols
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Validating a Web service security abstraction by typing
Proceedings of the 2002 ACM workshop on XML security
Secrecy types for asymmetric communication
Theoretical Computer Science - Foundations of software science and computation structures
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Towards Automatic Verification of Authentication Protocols on an Unbounded Network
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Types and Effects for Asymmetric Cryptographic Protocols
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Typing correspondence assertions for communication protocols
Theoretical Computer Science
Authenticity by Typing for Security Protocols
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A Compositional Logic for Protocol Correctness
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Secrecy despite compromise: types, cryptography, and the pi-calculus
CONCUR 2005 - Concurrency Theory
Timed spi-calculus with types for secrecy and authenticity
CONCUR 2005 - Concurrency Theory
Secrecy types for a simulatable cryptographic library
Proceedings of the 12th ACM conference on Computer and communications security
Information and Computation
Computationally sound secrecy proofs by mechanized flow analysis
Proceedings of the 13th ACM conference on Computer and communications security
A calculus of challenges and responses
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Dynamic types for authentication
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Proceedings of the 15th ACM conference on Computer and communications security
Type-Based Automated Verification of Authenticity in Cryptographic Protocols
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Automatic verification of correspondences for security protocols
Journal of Computer Security
A type system for discretionary access control†
Mathematical Structures in Computer Science
Modular verification of security protocol code by typing
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Searching for shapes in cryptographic protocols
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
How to do things with cryptographic protocols
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secrecy and authenticity types for secure distributed messaging
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Ubiquitous verification of ubiquitous systems
SEUS'10 Proceedings of the 8th IFIP WG 10.2 international conference on Software technologies for embedded and ubiquitous systems
Type-based automated verification of authenticity in asymmetric cryptographic protocols
ATVA'11 Proceedings of the 9th international conference on Automated technology for verification and analysis
Dynamic policy discovery with remote attestation
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Algebraic foundations for effect-dependent optimisations
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Static analysis of authentication
Foundations of Security Analysis and Design III
Computational secrecy by typing for the pi calculus
APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Is cryptyc able to detect insider attacks?
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Completeness of the authentication tests
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Logical foundations of secure resource management in protocol implementations
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.00 |
We present the first type and effect system for proving authenticity properties of security protocols based on asymmetric cryptography. The most significant new features of our type system are: (1) a separation of public types (for data possibly sent to the opponent) from tainted types (for data possibly received from the opponent) via a subtype relation; (2) trust effects, to guarantee that tainted data does not, in fact, originate from the opponent; and (3) challenge/response types to support a variety of idioms used to guarantee message freshness. We illustrate the applicability of our system via protocol examples. This material is based upon work supported by the National Science Foundation under Grant No. 0208549.