A lesson on authentication protocol design
ACM SIGOPS Operating Systems Review
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
A calculus for cryptographic protocols
Information and Computation
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Strand spaces: proving security protocols correct
Journal of Computer Security
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Authentication tests and the structure of bundles
Theoretical Computer Science
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Secrecy types for asymmetric communication
Theoretical Computer Science - Foundations of software science and computation structures
Proof Techniques for Cryptographic Processes
LICS '99 Proceedings of the 14th Annual IEEE Symposium on Logic in Computer Science
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
A compositional logic for proving security properties of protocols
Journal of Computer Security - Special issue on CSFW14
Authenticity by tagging and typing
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
Analysis of Typed Analyses of Authentication Protocols
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Secrecy despite compromise: types, cryptography, and the pi-calculus
CONCUR 2005 - Concurrency Theory
Types and effects for asymmetric cryptographic protocols
Journal of Computer Security - Special issue on CSFW15
Verification of cryptographic Protocols: tagging enforces termination
FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
A calculus of challenges and responses
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Proceedings of the 15th ACM conference on Computer and communications security
Automatic verification of correspondences for security protocols
Journal of Computer Security
Ubiquitous verification of ubiquitous systems
SEUS'10 Proceedings of the 8th IFIP WG 10.2 international conference on Software technologies for embedded and ubiquitous systems
Type-based automated verification of authenticity in asymmetric cryptographic protocols
ATVA'11 Proceedings of the 9th international conference on Automated technology for verification and analysis
Logical foundations of secure resource management in protocol implementations
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Noninterference in a predicative polymorphic calculus for access control
Computer Languages, Systems and Structures
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
We propose a type and effect system for authentication protocols built upon a tagging scheme that formalizes the intended semantics of ciphertexts. The main result is that the validation of each component in isolation is provably sound and fully compositional: if all the protocol participants are independently validated, then the protocol as a whole guarantees authentication in the presence of Dolev-Yao intruders possibly sharing long term keys with honest principals. Protocols are thus validated in the presence of both malicious outsiders and compromised insiders. The highly compositional nature of the analysis makes it suitable for multi-protocol systems, where different protocols might be executed concurrently.