Automatic verification of finite-state concurrent systems using temporal logic specifications
ACM Transactions on Programming Languages and Systems (TOPLAS)
Logics of time and computation
Logics of time and computation
ACM Transactions on Computer Systems (TOCS)
Knowledge and common knowledge in a distributed environment
Journal of the ACM (JACM)
A semantics for a logic of authentication (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
On key distribution protocols for repeated authentication
ACM SIGOPS Operating Systems Review
Systematic Design of Two-Party Authentication Protocols
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Roles in Cryptographic Protocols
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A Logical Language for Specifying Cryptographic Protocol Requirements
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
On key distribution protocols for repeated authentication
ACM SIGOPS Operating Systems Review
A Model for Secure Protocols and Their Compositions
IEEE Transactions on Software Engineering
A Formal Language for Cryptographic Protocol Requirements
Designs, Codes and Cryptography - Special issue dedicated to Gustavus J. Simmons
An authentication logic supporting synchronization, revocation, and recency
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Clarifying straight replays and forced delays
ACM SIGOPS Operating Systems Review
An Authentication Logic with Formal Semantics Supporting Synchronization, Revocation, and Recency
IEEE Transactions on Software Engineering
The Logic of Authentication Protocols
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Insider Fraud (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
Abstracting Cryptographic Protocols with Tree Automata
SAS '99 Proceedings of the 6th International Symposium on Static Analysis
Abstracting cryptographic protocols with tree automata
Science of Computer Programming - Special issue on static analysis (SAS'99)
Decision Procedures for the Analysis of Cryptographic Protocols by Logics of Belief
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A compositional logic for proving security properties of protocols
Journal of Computer Security - Special issue on CSFW14
Temporal Logics of Knowledge and their Applications in Security
Electronic Notes in Theoretical Computer Science (ENTCS)
Modeling and Verifying Time Sensitive Security Protocols with Constraints
Electronic Notes in Theoretical Computer Science (ENTCS)
Limitations on design principles for public key protocols
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Temporal accountability and anonymity in medical sensor networks
Mobile Networks and Applications - Special issue on Wireless and Personal Communications
| Hi-index | 0.00 |
In [BAN89] Burrows, Abadi, and Needham presented a logic (BAN) for analyzing cryptographic protocols in terms of belief. This logic is quite useful in uncovering flaws in protocols; however, it also has produced confusion and controversy. Much of the confusion was cleared up when Abadi and Tuttle provided a semantics for a version of that logic (AT) in [AT91].In this paper we present a protocol to show that both BAN and AT are not expressive enough to capture all of the kinds of flaws that appear to be within their scope. We then present a logic that adds temporal formalisms to AT and that is rich enough to reveal the flaws in the presented protocol; nonetheless, this logic is sound with respect to the same semantics that was given in [AT91]. Finally, we argue that any approach of this type is inadequate by itself to demonstrate the absence of such flaws. We must supplement the formal logic with semantic analysis techniques.