Most work on requirements in the area of authentication protocols has concentrated on identifying requirements for the protocol without much consideration of context. Little work has concentrated on assumptions about the environment, for example, the applications that make use of authenticated keys. We will show in this paper how the interaction between a protocol and its environment can have a major effect on a protocol. Specifically, we will demonstrate a number of attacks on published and/or widely used protocols that are not feasible against the protocol running in isolation (even with multiple runs) but become feasible in some application environments. We will also discuss the tradeoff between putting constraints on a protocol and putting constraints on the environment in which it operates.