Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Authentication tests and the structure of bundles
Theoretical Computer Science
The Use of Explicit Plans to Guide Inductive Proofs
Proceedings of the 9th International Conference on Automated Deduction
Strategies against Replay Attacks
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A Method for Patching Interleaving-Replay Attacks in Faulty Security Protocols
Electronic Notes in Theoretical Computer Science (ENTCS)
Some encounters on the productive use of a failed proof attempt or a counterexample
MICAI'10 Proceedings of the 9th Mexican international conference on Advances in artificial intelligence: Part I
| Hi-index | 0.00 |
Although there exist informal design guidelines and formal development support, security protocol development is time-consuming because design is error-prone. In this paper, we introduce Shrimp, a mechanism that aims to speed up the development cycle by adding automated aid for protocol diagnosis and repair. Shrimp relies on existing verification tools both to analyse an intermediate protocol and to compute attacks if the protocol is flawed. Then it analyses such attacks to pinpoint the source of the failure and synthesises appropriate patches, using Abadi and Needham's principles for protocol design. We have translated some of these principles into formal requirements on (sets of) protocol steps. For each requirement, there is a collection of rules that transform a set of protocol steps violating the requirement into a set conforming it. We have successfully tested our mechanism on 36 faulty protocols, getting a repair rate of 90%.