Integrating verification, testing, and learning for cryptographic protocols

Authors:
Martijn Oostdijk;Vlad Rusu;Jan Tretmans;R. G. De Vries;T. A. C. Willemse
Affiliations:
Radboud University, Nijmegen, NL and Eindhoven University of Technology, NL;Irisa/Inria Rennes, FR;Radboud University, Nijmegen, NL and Embedded Systems Institute, Eindhoven, NL;Radboud University, Nijmegen, NL;Radboud University, Nijmegen, NL and Eindhoven University of Technology, NL
Venue:
IFM'07 Proceedings of the 6th international conference on Integrated formal methods
Year:
2007

Citing 15
Cited 2

Linda in context

Communications of the ACM
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
A calculus for cryptographic protocols

Information and Computation
Inference of Reversible Languages

Journal of the ACM (JACM)
Casper: a compiler for the analysis of security protocols

Journal of Computer Security
The inductive approach to verifying cryptographic protocols

Journal of Computer Security
Model Checking of Safety Properties

Formal Methods in System Design
Rewriting for Cryptographic Protocol Verification

CADE-17 Proceedings of the 17th International Conference on Automated Deduction
Abstracting cryptographic protocols with tree automata

Science of Computer Programming - Special issue on static analysis (SAS'99)
Provable Implementations of Security Protocols

LICS '06 Proceedings of the 21st Annual IEEE Symposium on Logic in Computer Science
On the security of public key protocols

SFCS '81 Proceedings of the 22nd Annual Symposium on Foundations of Computer Science
The maude 2.0 system

RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
Pattern-based abstraction for verifying secrecy in protocols

TACAS'03 Proceedings of the 9th international conference on Tools and algorithms for the construction and analysis of systems
Cryptographic protocol analysis on real c code

VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
The AVISPA tool for the automated validation of internet security protocols and applications

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification

Model-based Security Testing Using UMLsec

Electronic Notes in Theoretical Computer Science (ENTCS)
Using passive testing based on symbolic execution and slicing techniques: Application to the validation of communication protocols

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

The verification of cryptographic protocol specifications is an active research topic and has received much attention from the formal verification community. By contrast, the black-box testing of actual implementations of protocols, which is, arguably, as important as verification for ensuring the correct functioning of protocols in the "real" world, is little studied. We propose an approach for checking secrecy and authenticity properties not only on protocol specifications, but also on black-box implementations. The approach is compositional and integrates ideas from verification, testing, and learning. It is illustrated on the Basic Access Control protocol implemented in biometric passports.