A lesson on authentication protocol design
ACM SIGOPS Operating Systems Review
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Analyzing security protocols with secrecy types and logic programs
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Authentication tests and the structure of bundles
Theoretical Computer Science
On the symbolic reduction of processes with cryptographic functions
Theoretical Computer Science
From Secrecy to Authenticity in Security Protocols
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A compositional logic for proving security properties of protocols
Journal of Computer Security - Special issue on CSFW14
Analysis of Typed Analyses of Authentication Protocols
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Static validation of security protocols
Journal of Computer Security
A derivation system and compositional logic for security protocols
Journal of Computer Security
Information and Computation
Cryptographic Pattern Matching
Electronic Notes in Theoretical Computer Science (ENTCS)
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
Causality-based Abstraction of Multiplicity in Security Protocols
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Types and effects for asymmetric cryptographic protocols
Journal of Computer Security - Special issue on CSFW15
Dynamic types for authentication
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Verification of cryptographic Protocols: tagging enforces termination
FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
Searching for shapes in cryptographic protocols
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Proceedings of the 15th ACM conference on Computer and communications security
Complexity of Checking Freshness of Cryptographic Protocols
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Ubiquitous verification of ubiquitous systems
SEUS'10 Proceedings of the 8th IFIP WG 10.2 international conference on Software technologies for embedded and ubiquitous systems
Security goals and protocol transformations
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.00 |
This paper presents a novel approach for concisely abstracting authentication protocols and for subsequently analyzing those abstractions in a sound manner, i.e., deriving authentication guarantees for protocol abstractions suffices for proving these guarantees for the actual protocols. The abstractions are formalized in a process calculus which constitutes a higher-level abstraction of the ρspi calculus and is specifically tailored towards reasoning about challenge-response mechanisms within authentication protocols. Furthermore, it allows for expressing protocols without having to include details on the specific structure of exchanged messages. This in particular entails that many authentication protocols share a common abstraction so that a single validation of this abstraction already gives rise to security guarantees for all these protocols. Such an abstract validation can be automatically performed using static analysis techniques based on an effect system proposed in this paper. Finally, extensions to additional protocol classes enjoy a soundness theorem provided that these extensions satisfy certain explicit, easily checkable conditions.