ACM Computing Surveys (CSUR)
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Automated Unbounded Verification of Security Protocols
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Pattern-based abstraction for verifying secrecy in protocols
International Journal on Software Tools for Technology Transfer (STTT) - Special section on Tools and Algorithms for the Construction and Analysis of Systems
Automation for interactive proof: first prototype
Information and Computation - Special issue: Combining logical systems
Formal Correctness of Security Protocols (Information Security and Cryptography)
Formal Correctness of Security Protocols (Information Security and Cryptography)
SAT-based model-checking for security protocols analysis
International Journal of Information Security
On the relationships between models in protocol verification
Information and Computation
Towards Producing Formally Checkable Security Proofs, Automatically
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
System Description: Spass Version 3.0
CADE-21 Proceedings of the 21st international conference on Automated Deduction: Automated Deduction
The Open-Source Fixed-Point Model Checker for Symbolic Analysis of Security Protocols
Foundations of Security Analysis and Design V
Security protocols: from linear to classical logic by abstract interpretation
Information Processing Letters
A comparison between strand spaces and multiset rewriting for security protocol analysis
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Security properties: two agents are sufficient
ESOP'03 Proceedings of the 12th European conference on Programming
Isabelle/HOL: a proof assistant for higher-order logic
Isabelle/HOL: a proof assistant for higher-order logic
Source-level proof reconstruction for interactive theorem proving
TPHOLs'07 Proceedings of the 20th international conference on Theorem proving in higher order logics
Building formal method tools in the Isabelle/Isar framework
TPHOLs'07 Proceedings of the 20th international conference on Theorem proving in higher order logics
Handling exp, χ (and timestamps) in protocol analysis
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Efficient construction of machine-checked symbolic protocol security proofs
Journal of Computer Security
Hi-index | 0.00 |
A number of current automated protocol verification tools are based on abstract interpretation techniques and other over-approximations of the set of reachable states or traces. The protocol models that these tools employ are shaped by the needs of automated verification and require subtle assumptions. Also, a complex verification tool may suffer from implementation bugs so that in the worst case the tool could accept some incorrect protocols as being correct. These risks of errors are also present, but considerably smaller, when using an LCF-style theorem prover like Isabelle. The interactive security proof, however, requires a lot of expertise and time. We combine the advantages of both worlds by using the representation of the over-approximated search space computed by the automated tools as a “proof idea” in Isabelle. Thus, we devise proof tactics for Isabelle that generate the correctness proof of the protocol from the output of the automated tools. In the worst case, these tactics fail to construct a proof, namely when the representation of the search space is for some reason incorrect. However, when they succeed, the correctness only relies on the basic model and the Isabelle core.