ACM Transactions on Computer Systems (TOCS)
A semantics for a logic of authentication (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Extending cryptographic logics of belief to key agreement protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Reasoning about knowledge
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
Using encryption for authentication in large networks of computers
Communications of the ACM
Verifying security protocols with Brutus
ACM Transactions on Software Engineering and Methodology (TOSEM)
Athena: a novel approach to efficient automatic security protocol analysis
Journal of Computer Security
On the relationship between strand spaces and multi-agent systems
ACM Transactions on Information and System Security (TISSEC)
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A compositional logic for proving security properties of protocols
Journal of Computer Security - Special issue on CSFW14
New semantic model for authentication protocols in ASMs
Journal of Computer Science and Technology
An Encapsulated Authentication Logic for Reasoning about Key Distribution Protocols
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Hi-index | 0.00 |
This paper introduces a new methodology that uses knowledge structures, a specific form of Kripke semantics for epistemic logic, to analyze communication protocols over hostile networks. The paper particularly focuses on automatic verification of authentication protocols. Our approach is based on the actual definitions of a protocol, not on some difficult-to-establish justifications. The proposed methodology is different from many previous approaches to automatic verification of security protocols in that it is justification-oriented instead of falsification-oriented, i.e., finding bugs in a protocol. The main idea is based on observations: separating a principal executing a run of protocol from the role in the protocol, and inferring a principal's knowledge from the local observations of the principal. And we show analytically and empirically that this model can be easily reduced to Satisfiability (SAT) problem and efficiently implemented by a modern SAT solver.