ACM Transactions on Computer Systems (TOCS)
A semantics for a logic of authentication (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
Using CSP to Detect Errors in the TMN Protocol
IEEE Transactions on Software Engineering
Casper: a compiler for the analysis of security protocols
Journal of Computer Security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
On the symbolic reduction of processes with cryptographic functions
Theoretical Computer Science
Using SPIN to Verify Security Properties of Cryptographic Protocols
Proceedings of the 9th International SPIN Workshop on Model Checking of Software
The Logic of Authentication Protocols
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Towards a Mechanization of Cryptographic Protocal Verification
CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
Verifying authentication protocols with CSP
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Formal Automatic Verification of Authentication Cryptographic Protocols
ICFEM '97 Proceedings of the 1st International Conference on Formal Engineering Methods
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Decidability of context-explicit security protocols
Journal of Computer Security - Special issue on WITS'03
Verification of cryptographic Protocols: tagging enforces termination
FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Formal security analysis of Ariadne secure routing protocol using model checking
International Journal of Ad Hoc and Ubiquitous Computing
Hi-index | 0.00 |
Security protocols are notoriously difficult to debug. One approach to the automatic verification of security protocols with a bounded set of agents uses logic programming with analysis and synthesis rules to describe how the attacker gains information and constructs new messages. We propose a generic approach to verifying security protocols in Spin. The dynamic process creation mechanism of Spin is used to nondeterministically create different combinations of role instantiations. We incorporate the synthesis and analysis features of the logic programming approach to describe how the intruder learns information and replays it back into the system. We formulate a generic “loss of secrecy” property that is flagged whenever the intruder learns private information from an intercepted message. We also describe a simplification of the Dolev-Yao attacker model that suffices to analyze secrecy properties.