The Interrogator: Protocol Secuity Analysis
IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Introduction to the ISO specification language LOTOS
Computer Networks and ISDN Systems - Special Issue: Protocol Specification and Testing
ACM Transactions on Computer Systems (TOCS)
An approach to the formal verification of cryptographic protocols
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
Using CSP to Detect Errors in the TMN Protocol
IEEE Transactions on Software Engineering
Verifying Authentication Protocols in CSP
IEEE Transactions on Software Engineering
Model-Based Verification of a Security Protocol for Conditional Access to Services
Formal Methods in System Design
A Computer Aided Design of a Secure Registration Protocol
FORTE X / PSTV XVII '97 Proceedings of the IFIP TC6 WG6.1 Joint International Conference on Formal Description Techniques for Distributed Systems and Communication Protocols (FORTE X) and Protocol Specification, Testing and Verification (PSTV XVII)
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
On the security of public key protocols
IEEE Transactions on Information Theory
Analysis of security protocols as open systems
Theoretical Computer Science
Symbolic Semantics and Analysis for Crypto-CCS with (Almost) Generic Inference Systems
MFCS '02 Proceedings of the 27th International Symposium on Mathematical Foundations of Computer Science
Analysis of a Security Protocol in µCRL
ICFEM '02 Proceedings of the 4th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
Automated Security Protocol Analysis With the AVISPA Tool
Electronic Notes in Theoretical Computer Science (ENTCS)
Hi-index | 0.25 |
We explain how the formal language LOTOS can be used to specify security protocols and cryptographic operations. We describe how security properties can be modelled as safety properties and how a model-based verification method can be used to verify the robustness of a protocol against attacks of an intruder. We illustrate our technique on a concrete registration protocol. We find an attack, correct the protocol, propose a simpler yet secure protocol, and finally a more sophisticated protocol that allows a better discrimination between intruder's attacks and classical protocol errors.