Using Time Instead of Timeout for Fault-Tolerant Distributed Systems.
ACM Transactions on Programming Languages and Systems (TOPLAS)
ACM Transactions on Computer Systems (TOCS)
Theoretical Computer Science
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Network Security Under Siege: The Timing Attack
Computer - Special issue: neural computing: companion issue to Spring 1996 IEEE Computational Science & Engineering
Proceedings of the 7th ACM conference on Computer and communications security
Limitations of the Kerberos authentication system
ACM SIGCOMM Computer Communication Review
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Probabilistic Symbolic Model Checking with PRISM: A Hybrid Approach
TACAS '02 Proceedings of the 8th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
Kerberos Version 4: Inductive Analysis of the Secrecy Goals
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Analysing Time Dependent Security Properties in CSP Using PVS
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols
LOPSTR '01 Selected papers from the 11th International Workshop on Logic Based Program Synthesis and Transformation
An Improved Constraint-Based System for the Verification of Security Protocols
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Modeling and verification of parallel processes
Casper: A Compiler for the Analysis of Security Protocols
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Timed model checking of security protocols
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Hiding names: private authentication in the applied pi calculus
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
A simple language for real-time cryptographic protocol analysis
ESOP'03 Proceedings of the 12th European conference on Programming
Analysis of the HIP base exchange protocol
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Formal Reasoning about Physical Properties of Security Protocols
ACM Transactions on Information and System Security (TISSEC)
Modelling trusted web applications
KES-AMSTA'12 Proceedings of the 6th KES international conference on Agent and Multi-Agent Systems: technologies and applications
Timed protocol insecurity problem is NP-complete
Future Generation Computer Systems
Hi-index | 0.00 |
We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol.