Model checking
This thesis is about the application of automated reasoning techniques to the formal analysis of security protocols. More specifically, it proposes a general model-checking framework for security protocols based on a set-rewriting formalism which, coupled with Linear Temporal Logic, allows the specification of assumptions on principals and communication channels as well as of complex security properties that state-of-the-art protocol analyzers normally do not handle. The approach successfully combines encoding techniques originally developed for planning with bounded model-checking techniques. Its effectiveness is assessed through the formal analysis of relevant security protocols, which led to the detection of a severe security flaw in Google's SAML-based SSO for Google Apps and of a previously unknown attack on a patched version of the ASW contract-signing protocol.