Decidability of the purely existential fragment of the theory of term algebras
Journal of the ACM (JACM)
Using encryption for authentication in large networks of computers
Communications of the ACM
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A compositional logic for proving security properties of protocols
Journal of Computer Security - Special issue on CSFW14
Multiset rewriting and the complexity of bounded security protocols
Journal of Computer Security
A derivation system and compositional logic for security protocols
Journal of Computer Security
On the security of public key protocols
IEEE Transactions on Information Theory
Computational Semantics for First-Order Logical Analysis of Cryptographic Protocols
Formal to Practical Security
Computational semantics for basic protocol logic: a stochastic approach
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Hi-index | 0.00 |
We give an axiomatic system in first-order predicate logic with equality for proving security protocols correct. Our axioms and inference rules derive the basic inference rules, which are explicitly or implicitly used in the literature of protocol logics, hence we call our axiomatic system Basic Protocol Logic (or BPL, for short). We give a formal semantics for BPL, and show the completeness theorem such that for any given query (which represents a correctness property) the query is provable iff it is true for any model. Moreover, as a corollary of our completeness proof, the decidability of provability in BPL holds for any given query. In our formal semantics we consider a ''trace'' any kind of sequence of primitive actions, counter-models (which are generated from an unprovable query) cannot be immediately regarded as realizable traces (i.e., attacked processes on the protocol in question). However, with the aid of Comon-Treinen's algorithm for the intruder deduction problem, we can determine whether there exists a realizable trace among formal counter-models, if any, generated by the proof-search method (used in our completeness proof). We also demonstrate that our method is useful for both proof construction and flaw analysis by using a simple example.