Safely composing security protocols

Authors:
Véronique Cortier;Jérémie Delaitre;Stéphanie Delaune
Affiliations:
LORIA, CNRS & INRIA, Nancy, France;LORIA, CNRS & INRIA, Nancy, France;LORIA, CNRS & INRIA, Nancy, France
Venue:
FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
Year:
2007

Citing 16
Cited 15

Prudent Engineering Practice for Cryptographic Protocols

IEEE Transactions on Software Engineering
Using encryption for authentication in large networks of computers

Communications of the ACM
Constraint solving for bounded-process cryptographic protocol analysis

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
On Name Generation and Set-Based Analysis in the Dolev-Yao Model

CONCUR '02 Proceedings of the 13th International Conference on Concurrency Theory
Protocol Interactions and the Chosen Protocol Attack

Proceedings of the 5th International Workshop on Security Protocols
Protocol insecurity with a finite number of sessions and composed keys is NP-complete

Theoretical Computer Science
Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or

LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Protocol Independence through Disjoint Encryption

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Universally Composable Security: A New Paradigm for Cryptographic Protocols

FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Security properties: two agents are sufficient

Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Protocol Composition Logic (PCL)

Electronic Notes in Theoretical Computer Science (ENTCS)
Verification of cryptographic Protocols: tagging enforces termination

FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
Environmental requirements for authentication protocols

ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Deciding key cycles for security protocols

LPAR'06 Proceedings of the 13th international conference on Logic for Programming, Artificial Intelligence, and Reasoning

Challenges in the Automated Verification of Security Protocols

IJCAR '08 Proceedings of the 4th international joint conference on Automated Reasoning
From One Session to Many: Dynamic Tags for Security Protocols

LPAR '08 Proceedings of the 15th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning
Safely composing security protocols

Formal Methods in System Design
Cryptographic Protocol Composition via the Authentication Tests

FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Deciding security properties for cryptographic protocols. application to key cycles

ACM Transactions on Computational Logic (TOCL)
Bounding messages for free in security protocols

FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
Detecting and preventing type flaws at static time

Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Understanding abstractions of secure channels

FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Protocol analysis modulo combination of theories: a case study in Maude-NPA

STM'10 Proceedings of the 6th international conference on Security and trust management
Trusted multiplexing of cryptographic protocols

FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Secure composition of protocols

TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Security goals and protocol transformations

TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Composition of password-based protocols

Formal Methods in System Design
Analysing TLS in the strand spaces model

Journal of Computer Security
Establishing and preserving protocol security goals

Journal of Computer Security - Foundational Aspects of Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security protocols are small programs that are executed in hostile environments. Many results and tools have been developed to formally analyze the security of a protocol. However even when a protocol has been proved secure, there is absolutely no guarantee if the protocol is executed in an environment where other protocols, possibly sharing some common identities and keys like public keys or long-term symmetric keys, are executed. In this paper, we show that whenever a protocol is secure, it remains secure even in an environment where arbitrary protocols are executed, provided each encryption contains some tag identifying each protocol, like e.g. the name of the protocol.