Security protocols play an increasingly important role in many applications. Many tools exist for specifying and verifying security protocols, such as Casper/FDR, ProVerif, and AVISPA. In these tools, the intruder's ability, which must either be specified explicitly or is set by default, is not flexible in some circumstances. Moreover, whereas most existing tools focus on secrecy and authentication properties, few support privacy properties such as anonymity, receipt freeness, and coercion resistance, which are crucial in applications such as electronic voting systems and anonymous online transactions.

In this paper, we introduce a framework for specifying security protocols in the labeled transition system (LTS) semantic model, which embeds the knowledge of the participants and parameterizes the ability of an attacker. Using this model, we give formal definitions of three types of privacy properties based on trace equivalence and knowledge reasoning. Formal definitions of other security properties, such as secrecy and authentication, are also introduced under this framework, together with their verification algorithms. The results of this paper are embodied in the implementation of the SeVe module in the Process Analysis Toolkit (PAT) model checker, which supports specifying, simulating, and verifying security protocols. The experimental results show that the SeVe module is capable of verifying many types of security protocols and complements the state-of-the-art security verifiers in several respects. They also demonstrate the feasibility of building an automatic verifier for privacy-type security protocols, which are currently mostly verified by hand.
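The abstract describes three ingredients: an attacker whose deduction ability is a parameter of the model rather than fixed, secrecy as a knowledge-reasoning question, and privacy properties defined as trace equivalence between two runs. The following is an added toy model written to illustrate those ideas; it is not the SeVe module or any PAT code, and the two-voter protocol, the term constructors, the rule names (`split`, `decrypt`, `pair`, `encrypt`) and all values are constructed for the example. The attacker is a passive Dolev-Yao eavesdropper; its "view" of a run is the sequence of sends, with ciphertexts it cannot open replaced by opaque handles, and two runs are trace-equivalent when their views coincide.

```python
"""Toy LTS-style protocol model: parameterised Dolev-Yao attacker, secrecy by
knowledge reasoning, anonymity by trace equivalence. Constructed example, not
the SeVe/PAT implementation described in the abstract."""

# Terms are nested tuples: ('name', n), ('pair', a, b), ('senc', msg, key).
def name(n):
    return ('name', n)

def pair(a, b):
    return ('pair', a, b)

def senc(m, k):
    return ('senc', m, k)

# The attacker's ability is a set of rule names; removing one weakens the attacker.
ALL_RULES = frozenset({'split', 'decrypt', 'pair', 'encrypt'})

def analyse(knowledge, rules):
    """Saturate the attacker's knowledge with the decomposition rules it may use."""
    known = set(knowledge)
    while True:
        new = set()
        for t in known:
            if t[0] == 'pair' and 'split' in rules:
                new.update((t[1], t[2]))
            elif t[0] == 'senc' and 'decrypt' in rules and t[2] in known:
                new.add(t[1])
        if new <= known:            # fixpoint reached: nothing new can be learned
            return frozenset(known)
        known |= new

def derivable(t, knowledge, rules=ALL_RULES):
    """Knowledge reasoning: decompose everything, then try to synthesise t top-down."""
    known = analyse(knowledge, rules)

    def syn(u):
        if u in known:
            return True
        if u[0] == 'pair' and 'pair' in rules:
            return syn(u[1]) and syn(u[2])
        if u[0] == 'senc' and 'encrypt' in rules:
            return syn(u[1]) and syn(u[2])
        return False

    return syn(t)

def observe(t, known, rules, opaque):
    """The attacker's view of t: plaintext wherever it can decrypt, otherwise an
    opaque handle numbered by first appearance (so repeated ciphertexts are visible)."""
    if t[0] == 'name':
        return t
    if t[0] == 'pair':
        return ('pair', observe(t[1], known, rules, opaque), observe(t[2], known, rules, opaque))
    if 'decrypt' in rules and derivable(t[2], known, rules):
        return observe(t[1], known, rules, opaque)
    if t not in opaque:
        opaque[t] = len(opaque)
    return ('opaque', opaque[t])

def run(protocol, initial_knowledge, rules=ALL_RULES):
    """Execute a protocol (list of (sender, receiver, term)) as a sequence of
    transitions observed by a passive attacker. Returns the observable trace,
    labelled with the attacker's final knowledge, and that knowledge."""
    known = analyse(initial_knowledge, rules)
    for _, _, t in protocol:            # one transition per message on the network
        known = analyse(known | {t}, rules)
    opaque = {}
    trace = tuple((s, r, observe(t, known, rules, opaque)) for s, r, t in protocol)
    return trace, known

def secrecy_holds(protocol, secret, initial_knowledge, rules=ALL_RULES):
    """Secrecy: the attacker cannot derive `secret` after the whole run."""
    _, known = run(protocol, initial_knowledge, rules)
    return not derivable(secret, known, rules)

def anonymity_holds(proto1, proto2, initial_knowledge, rules=ALL_RULES):
    """Anonymity as trace equivalence: the attacker's views of the two runs coincide."""
    return run(proto1, initial_knowledge, rules)[0] == run(proto2, initial_knowledge, rules)[0]

# Constructed sample protocol: two voters send (id, vote) to an authority under
# their long-term keys; the authority then sends voter A a fresh tally key.
A, B, AUTH = name('A'), name('B'), name('authority')
YES, NO = name('yes'), name('no')
K_A, K_B, K_TALLY = name('k_A'), name('k_B'), name('k_tally')
PUBLIC = frozenset({A, B, AUTH, YES, NO})   # attacker's initial knowledge

def vote_protocol(vote_a, vote_b, encrypted=True):
    wrap = senc if encrypted else (lambda m, k: m)
    return [
        (A, AUTH, wrap(pair(A, vote_a), K_A)),
        (B, AUTH, wrap(pair(B, vote_b), K_B)),
        (AUTH, A, wrap(K_TALLY, K_A)),
    ]

if __name__ == '__main__':
    swapped = (vote_protocol(YES, NO), vote_protocol(NO, YES))
    print('anonymity, honest keys:     ', anonymity_holds(*swapped, PUBLIC))
    print('anonymity, k_A compromised: ', anonymity_holds(*swapped, PUBLIC | {K_A}))
    print('tally key secret:           ', secrecy_holds(swapped[0], K_TALLY, PUBLIC))
    print('tally key secret, no decrypt rule, k_A known:',
          secrecy_holds(swapped[0], K_TALLY, PUBLIC | {K_A}, ALL_RULES - {'decrypt'}))
```

Swapping the two voters' choices gives identical attacker views when the ballots are encrypted, so the anonymity check passes; handing the attacker `k_A` or sending ballots in the clear makes the views differ and the check fails. Dropping the `decrypt` rule shows the parameterised-attacker point: even with `k_A`, an attacker without that capability cannot reach the tally key.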