The fundamental primitives of Concurrent Constraint Programming (CCP), ${\mathit{tell}}$ and ${\mathit{ask}}$, respectively add knowledge to and infer knowledge from a shared constraint store. These features, and the elegant use of the constraint system to represent the abilities of attackers, make concurrent constraint programming and timed CCP (tcc) interesting candidates for modeling and reasoning about security protocols. However, they lack primitives for the communication of secrets (or local names as in the $\pi$-calculus) between agents. The recently proposed ${\mathit{universal}}$ ${\mathtt{tcc}}$ (utcc) introduces a universally quantified ask operation that makes it possible to infer knowledge which is local to other agents. However, it allows agents to guess knowledge even if it is encrypted or communicated on secret channels, simply by quantifying over both the encryption key (or channel) and the message simultaneously. We present a secure utcc (utcc$^s$) based on: (i) a simple type system for constraints that distinguishes between restricted (secure) and non-restricted (universally quantifiable) variables in constraints, and (ii) a generalization of the universally quantified ask operation to allow the assumption of local knowledge. We illustrate the use of the utcc$^s$ calculus with examples on communication of local names (as in the $\pi$-calculus) and for giving semantics to secure pattern matching in a prototypical security language.