Using encryption for authentication in large networks of computers
Communications of the ACM
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Casper: A Compiler for the Analysis of Security Protocols
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Security properties: two agents are sufficient
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
A survey of algebraic properties used in cryptographic protocols
Journal of Computer Security
RFID authentication protocol for low-cost tags
WiSec '08 Proceedings of the first ACM conference on Wireless network security
A Minimalist Mutual Authentication Protocol for RFID System & BAN Logic Analysis
CCCM '08 Proceedings of the 2008 ISECS International Colloquium on Computing, Communication, Control, and Management - Volume 02
Reducing protocol analysis with XOR to the XOR-free case in the horn theory based approach
Proceedings of the 15th ACM conference on Computer and communications security
Comparing State Spaces in Automatic Security Protocol Analysis
Formal to Practical Security
Automatic verification of correspondences for security protocols
Journal of Computer Security
Anti-cloning protocol suitable to EPCglobal Class-1 Generation-2 RFID systems
Computer Standards & Interfaces
Using ProVerif to Analyze Protocols with Diffie-Hellman Exponentiation
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Algebraic Attacks on RFID Protocols
WISTP '09 Proceedings of the 3rd IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks
Secure EPC Gen2 Compliant Radio Frequency Identification
ADHOC-NOW '09 Proceedings of the 8th International Conference on Ad-Hoc, Mobile and Wireless Networks
Automatic analysis of the security of XOR-based key management schemes
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
The finite variant property: how to get rid of some algebraic properties
RTA'05 Proceedings of the 16th international conference on Term Rewriting and Applications
Comparison of cryptographic verification tools dealing with algebraic properties
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
| Hi-index | 0.00 |
Küsters and Truderung recently proposed an automatic verification method for security protocols with exclusive or (XOR). Their method reduces protocols with XOR to their XOR-free equivalents, enabling efficient verification by tools such as ProVerif. Although the proposed method works efficiently for verifying secrecy, verification of authentication properties is inefficient and sometimes impossible. In this paper, we improve the work by Küsters and Truderung in two ways. First, we extend their method for authentication verification to a richer class of XOR-protocols by automatically introducing bounded verification. Second, we improve the efficiency of their approach by developing a number of dedicated optimizations. We show the applicability of our work by implementing a prototype and applying it to both existing benchmarks and RFID protocols. The experiments show promising results and uncover a flaw in a recently proposed RFID protocol.