Secure untrusted binaries — provably!

Authors:
Simon Winwood;Manuel M. T. Chakravarty
Affiliations:
Dept. of Computer Science, University of the Philippines-Diliman;Dept. of Computer Science, University of the Philippines-Diliman
Venue:
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Year:
2005

Citing 8
Cited 2

Paradigm shifts in protocol analysis

Proceedings of the 1999 workshop on New security paradigms
Using encryption for authentication in large networks of computers

Communications of the ACM
Evolution of Fair Non-repudiation with TTP

ACISP '99 Proceedings of the 4th Australasian Conference on Information Security and Privacy
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Mechanical Proofs about a Non-repudiation Protocol

TPHOLs '01 Proceedings of the 14th International Conference on Theorem Proving in Higher Order Logics
Formal Analysis of a Non-Repudiation Protocol

CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
On Unifying Some Cryptographic Protocol Logics

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
A fair non-repudiation protocol

SP'96 Proceedings of the 1996 IEEE conference on Security and privacy

Evaluating SFI for a CISC architecture

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
On the automated synthesis of proof-carrying temporal reference monitors

LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation

Quantified Score

Hi-index	0.00

Visualization

Abstract

Most of the previous comparisons of formal analyses of security protocols have concentrated on the tabulation of attacks found or missed. More recent investigations suggest that such cursory comparisons can be misleading. The original context of a protocol as well as the operating assumptions of the analyst have to be taken into account before conducting comparative evaluations of different analyses of a protocol. In this paper, we present four analyses of the Zhou-Gollmann non-repudiation protocol and trace the differences in the results of the four analyses to the differences in the assumed contexts. This shows that even contemporary analyses may unknowingly deviate from a protocol's original context.