Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Protocol insecurity with a finite number of sessions and composed keys is NP-complete
Theoretical Computer Science
How to prevent type flaw attacks on security protocols
Journal of Computer Security - CSFW13
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Information Processing Letters
SAT-based model-checking for security protocols analysis
International Journal of Information Security
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Using ProVerif to Analyze Protocols with Diffie-Hellman Exponentiation
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Maude-NPA: Cryptographic Protocol Analysis Modulo Equational Properties
Foundations of Security Analysis and Design V
On the Relative Soundness of the Free Algebra Model for Public Key Encryption
Electronic Notes in Theoretical Computer Science (ENTCS)
Bounding messages for free in security protocols
FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
RTA'06 Proceedings of the 17th international conference on Term Rewriting and Applications
New directions in cryptography
IEEE Transactions on Information Theory
POST'12 Proceedings of the First international conference on Principles of Security and Trust
| Hi-index | 0.00 |
An excellent way for a protocol to obtain shared keys is Diffie-Hellman. For the automated verification of security protocols, the use of Diffie-Hellman poses a certain amount of difficulty, because it requires algebraic reasoning. Several tools work in the free algebra and even for tools that do support Diffie-Hellman, the algebraic reasoning becomes a bottleneck. We provide a new relative-soundness result: for a large class of protocols, significantly restricting the abilities of the intruder is without loss of attacks. We also show the soundness of a very restrictive encoding of Diffie-Hellman proposed by Millen and how to obtain a problem that can be answered in the free algebra without increasing its size upon encoding. This enables the efficient use of free-algebra verification tools for Diffie-Hellman based protocols and significantly reduces search-spaces for tools that do support algebraic reasoning.