Secrecy by typing in security protocols
Journal of the ACM (JACM)
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
The Eigentrust algorithm for reputation management in P2P networks
WWW '03 Proceedings of the 12th international conference on World Wide Web
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
XenoTrust: Event-based distributed trust management
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Proceedings of the 11th ACM conference on Computer and communications security
Analyzing security protocols with secrecy types and logic programs
Journal of the ACM (JACM)
Automated Verification of Selected Equivalences for Security Protocols
LICS '05 Proceedings of the 20th Annual IEEE Symposium on Logic in Computer Science
Secrecy despite compromise: types, cryptography, and the pi-calculus
CONCUR 2005 - Concurrency Theory
Timed spi-calculus with types for secrecy and authenticity
CONCUR 2005 - Concurrency Theory
Coercion-resistant electronic elections
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Coercion-Resistance and Receipt-Freeness in Electronic Voting
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Information and Computation
Theoretical Computer Science - Automated reasoning for security protocol analysis
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
A Type Discipline for Authorization in Distributed Systems
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Secure Implementations for Typed Session Abstractions
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Types and effects for asymmetric cryptographic protocols
Journal of Computer Security - Special issue on CSFW15
A calculus of challenges and responses
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Dynamic types for authentication
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Refinement Types for Secure Implementations
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-Calculus
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Computational Soundness of Symbolic Zero-Knowledge Proofs Against Active Attackers
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Civitas: Toward a Secure Voting System
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Proceedings of the 15th ACM conference on Computer and communications security
A type discipline for authorization policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Proceedings of the 15th ACM conference on Computer and communications security
A certifying compiler for zero-knowledge proofs of knowledge based on Σ-protocols
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
A formal model of identity mixer
FMICS'10 Proceedings of the 15th international conference on Formal methods for industrial critical systems
AnBx: security protocols design and verification
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Ubiquitous verification of ubiquitous systems
SEUS'10 Proceedings of the 8th IFIP WG 10.2 international conference on Software technologies for embedded and ubiquitous systems
Secure distributed programming with value-dependent types
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
A dolev-yao model for zero knowledge
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Union and intersection types for secure protocol implementations
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
NFM'12 Proceedings of the 4th international conference on NASA Formal Methods
DAA protocol analysis and verification
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols
Proceedings of the 2012 ACM conference on Computer and communications security
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.00 |
This paper presents the first type system for statically analyzing security protocols that are based on zero-knowledge proofs. We show how certain properties offered by zero-knowledge proofs can be characterized in terms of authorization policies and statically enforced by a type system. The analysis is modular and compositional, and provides security proofs for an unbounded number of protocol executions. We develop a new type-checker that conducts the analysis in a fully automated manner. We exemplify the applicability of our technique to real-world protocols by verifying the authenticity and secrecy properties of the Direct Anonymous Attestation (DAA) protocol. The analysis of DAA takes less than three seconds.