The existence of refinement mappings
Theoretical Computer Science
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Secure implementation of channel abstractions
Information and Computation
A Calculus for Secure Channel Establishment in Open Networks
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
I/O Automaton Models and Proofs for Shared-Key Communication Systems
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Preserving Information Flow Properties under Refinement
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
An Encapsulated Authentication Logic for Reasoning about Key Distribution Protocols
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
A derivation system and compositional logic for security protocols
Journal of Computer Security
Scalable Protocols for Authenticated Group Key Exchange
Journal of Cryptology
Refinement, Decomposition, and Instantiation of Discrete Models: Application to Event-B
Fundamenta Informaticae - This is a SPECIAL ISSUE ON ASM'05
Cryptographic Protocol Synthesis and Verification for Multiparty Sessions
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Sums and Lovers: Case Studies in Security, Compositionality and Refinement
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Isabelle/HOL: a proof assistant for higher-order logic
Isabelle/HOL: a proof assistant for higher-order logic
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Preserving secrecy under refinement
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Deriving secrecy in key establishment protocols
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
The shadow knows: refinement of ignorance in sequential programs
MPC'06 Proceedings of the 8th international conference on Mathematics of Program Construction
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Developing a consensus algorithm using stepwise refinement
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Refinement-based design of a group-centric secure information sharing model
Proceedings of the second ACM conference on Data and Application Security and Privacy
Constructive cryptography --- a new paradigm for security definitions and proofs
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
G2C: cryptographic protocols from goal-driven specifications
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Verifying implementations of security protocols by refinement
VSTTE'12 Proceedings of the 4th international conference on Verified Software: theories, tools, experiments
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.00 |
We propose a development method for security protocols based on stepwise refinement. Our refinement strategy guides the transformation of abstract security goals into protocols that are secure when operating over an insecure channel controlled by a Dolev-Yao-style intruder. The refinement steps successively introduce local states, an intruder, communication channels with security properties, and cryptographic operations realizing these channels. The abstractions used provide insights on how the protocols work and foster the development of families of protocols sharing a common structure and properties. In contrast to post-hoc verification methods, protocols are developed together with their correctness proofs. We have implemented our method in Isabelle/HOL and used it to develop different entity authentication and key transport protocols.