The verification of an industrial payment protocol: the SET purchase phase
Proceedings of the 9th ACM conference on Computer and communications security
Automatic SAT-Compilation of Protocol Insecurity Problems via Reduction to Planning
FORTE '02 Proceedings of the 22nd IFIP WG 6.1 International Conference Houston on Formal Techniques for Networked and Distributed Systems
Analysing a Stream Authentication Protocol Using Model Checking
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
How to prevent type flaw attacks on security protocols
Journal of Computer Security - CSFW13
Decidability of context-explicit security protocols
Journal of Computer Security - Special issue on WITS'03
Secure sessions for Web services
ACM Transactions on Information and System Security (TISSEC)
Modeling and Verifying Time Sensitive Security Protocols with Constraints
Electronic Notes in Theoretical Computer Science (ENTCS)
On the Relationship Between Web Services Security and Traditional Protocols
Electronic Notes in Theoretical Computer Science (ENTCS)
Trusted multiplexing of cryptographic protocols
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Application of model checking to AXML system's security: a case study
WS-FM'06 Proceedings of the Third international conference on Web Services and Formal Methods
Verifying security protocols: an application of CSP
CSP'04 Proceedings of the 2004 international conference on Communicating Sequential Processes: the First 25 Years
Sound security protocol transformations
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Analysing TLS in the strand spaces model
Journal of Computer Security
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
Recent techniques for analyzing security protocols have tended toconcentrate upon the small protocols that are typically found inthe academic literature. However, there is a huge gulf betweenthese and most large commercial protocols: the latter typicallyhave many more fields, and much higher levels of nested encryption.As a result, existing techniques are difficult to apply directly tothese large protocols. In this paper we develop the notion of fault-preservingsimplifying transformations: transformations that have the propertyof preserving insecurities; the effect of such transformations isthat if we can verify the transformed protocol, then we will haveverified the original protocol. We identify a number of suchfault-preserving simplifying transformations, and use them in theanalysis of a commercial protocol.