We develop principles and rules for achieving secrecy properties in security protocols. Our approach is based on traditional classification techniques, and extends those techniques to handle concurrent processes that use shared-key cryptography. The rules have the form of typing rules for a basic concurrent language with cryptographic primitives, the spi calculus. They guarantee that, if a protocol typechecks, then it does not leak its secret inputs.