A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Inductive analysis of the Internet protocol TLS
ACM Transactions on Information and System Security (TISSEC)
Fault-perserving simplifying transformations for security protocols
Journal of Computer Security
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Authentication tests and the structure of bundles
Theoretical Computer Science
Secrecy by Typing inSecurity Protocols
TACS '97 Proceedings of the Third International Symposium on Theoretical Aspects of Computer Software
Security Goals: Packet Trajectories and Strand Spaces
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)
TCS '00 Proceedings of the International Conference IFIP on Theoretical Computer Science, Exploring New Frontiers of Theoretical Informatics
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Strand Spaces and Rank Functions: More than Distant Cousins
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Automatic verification of the TLS handshake protocol
Proceedings of the 2004 ACM symposium on Applied computing
Formal analysis of modern security protocols
Information Sciences—Informatics and Computer Science: An International Journal
Equational Approach to Formal Analysis of TLS
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
Relating Symbolic and Cryptographic Secrecy
IEEE Transactions on Dependable and Secure Computing
A modular correctness proof of IEEE 802.11i and TLS
Proceedings of the 12th ACM conference on Computer and communications security
A derivation system and compositional logic for security protocols
Journal of Computer Security
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Finite-state analysis of SSL 3.0
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A framework for compositional verification of security protocols
Information and Computation
Universally Composable Security Analysis of TLS
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Automatic verification of correspondences for security protocols
Journal of Computer Security
Compositionality of Security Protocols: A Research Agenda
Electronic Notes in Theoretical Computer Science (ENTCS)
Searching for shapes in cryptographic protocols
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Safely composing security protocols
FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
Secrecy analysis in protocol composition logic
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Understanding abstractions of secure channels
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Relating two standard notions of secrecy
CSL'06 Proceedings of the 20th international conference on Computer Science Logic
Specifying and modelling secure channels in strand spaces
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Computationally sound, automated proofs for security protocols
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
On the security of public key protocols
IEEE Transactions on Information Theory
Completeness of the authentication tests
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
| Hi-index | 0.00 |
In this paper, we analyse the Transport Layer Security TLS protocol in particular, bilateral TLS in public-key mode within the strand spaces setting. In Proceedings of the 16th IEEE Computer Security Foundations Workshop CSFW, IEEE Computer Society, 2003, pp. 141--154, Broadfoot and Lowe suggested an abstraction of TLS. The abstraction models the security services that appear to be provided by the protocol to the high-level security layers. The outcome of our analysis provides a formalisation of the security services provided by TLS and proves that, under reasonable assumptions, the abstract model suggested by Broadfoot and Lowe is correct. To that end, we reduce the complexity of the protocol using fault-preserving simplifying transformations. We extend the strand spaces model in order to include the cryptographic operations used in TLS and facilitate its analysis. Finally, we use the extended strand spaces model to fully analyse the public-key mode of bilateral TLS with its two main components: the Handshake and Record Layer protocols.