STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Secure implementation of channel abstractions
Information and Computation
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Towards a Completeness Result for Model Checking of Security Protocols
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Protocol Insecurity with Finite Number of Sessions is NP-Complete
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A derivation system and compositional logic for security protocols
Journal of Computer Security
Verification of cryptographic Protocols: tagging enforces termination
FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
Computationally sound, automated proofs for security protocols
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
A secure compiler for session abstractions
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
From One Session to Many: Dynamic Tags for Security Protocols
LPAR '08 Proceedings of the 15th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning
Developing security protocols by refinement
Proceedings of the 17th ACM conference on Computer and communications security
Security goals and protocol transformations
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Sessions and separability in security protocols
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.00 |
We propose a general transformation that maps a cryptographic protocol that is secure in an extremely weak sense (essentially in a model where no adversary is present) into a protocol that is secure against a fully active adversary which interacts with an unbounded number of protocol sessions, and has absolute control over the network. The transformation works for arbitrary protocols with any number of participants, written with usual cryptographic primitives. Our transformation provably preserves a large class of security properties that contains secrecy and authenticity. An important byproduct contribution of this paper is a modular protocol development paradigm where designers focus their effort on an extremely simple execution setting - security in more complex settings being ensured by our generic transformation. Conceptually, the transformation is very simple, and has a clean, well motivated design. Each message is tied to the session for which it is intended via digital signatures and on-the-fly generated session identifiers, and prevents replay attacks by encrypting the messages under the recipient's public key.