Efficient and timely mutual authentication
ACM SIGOPS Operating Systems Review
ACM Transactions on Computer Systems (TOCS)
Key distribution protocol for digital mobile communication systems
CRYPTO '89 Proceedings on Advances in cryptology
A note on the use of timestamps as nonces
ACM SIGOPS Operating Systems Review
Optimal privacy and authentication on a portable communications system
ACM SIGOPS Operating Systems Review
A lesson on authentication protocol design
ACM SIGOPS Operating Systems Review
Two attacks on Neuman-Stubblebine authentication protocols
Information Processing Letters
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Strand spaces: proving security protocols correct
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
PROCOMET '98 Proceedings of the IFIP TC2/WG2.2,2.3 International Conference on Programming Concepts and Methods
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Casper: A Compiler for the Analysis of Security Protocols
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Proving Properties of Security Protocols by Induction
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Meta-Notation for Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Athena: a New Efficient Automatic Checker for Security Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CVS: A Compiler for the Analysis of Cryptographic Protocols
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
The faithfulness of abstract protocol analysis: message authentication
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Security Goals: Packet Trajectories and Strand Spaces
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Security Protocol Design via Authentication Tests
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Authenticity by tagging and typing
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Stepwise development of security protocols: a speech act-oriented approach
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
The faithfulness of abstract protocol analysis: message authentication
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
Relating multiset rewriting and process algebras for security protocol analysis
Journal of Computer Security - Special issue on WITS'03
A comparison between strand spaces and multiset rewriting for security protocol analysis
Journal of Computer Security
Injective synchronisation: an extension of the authentication hierarchy
Theoretical Computer Science - Automated reasoning for security protocol analysis
A (restricted) quantifier elimination for security protocols
Theoretical Computer Science - Automated reasoning for security protocol analysis
Skeletons, Homomorphisms, and Shapes: Characterizing Protocol Executions
Electronic Notes in Theoretical Computer Science (ENTCS)
Authentication tests and disjoint encryption: A design method for security protocols
Journal of Computer Security - Special issue on CSFW15
Types and effects for asymmetric cryptographic protocols
Journal of Computer Security - Special issue on CSFW15
A calculus of challenges and responses
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
A formal semantics for protocol narrations
Theoretical Computer Science
A framework for compositional verification of security protocols
Information and Computation
Dynamic types for authentication
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Minimal backups of cryptographic protocol runs
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Cryptographic Protocol Composition via the Authentication Tests
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Automatic verification of correspondences for security protocols
Journal of Computer Security
Semantics and logic for security protocols
Journal of Computer Security
A Syntactic Criterion for Injectivity of Authentication Protocols
Electronic Notes in Theoretical Computer Science (ENTCS)
Tags for Multi-Protocol Authentication
Electronic Notes in Theoretical Computer Science (ENTCS)
The ρ-spi Calculus at Work: Authentication Case Studies
Electronic Notes in Theoretical Computer Science (ENTCS)
A Trace Logic for Local Security Properties
Electronic Notes in Theoretical Computer Science (ENTCS)
Searching for shapes in cryptographic protocols
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Typing one-to-one and one-to-many correspondences in security protocols
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
How to do things with cryptographic protocols
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Detecting and preventing type flaws at static time
Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
A logic-based verification framework for authentication protocols
International Journal of Internet Technology and Secured Transactions
Resiliency aspects of security protocols
Proceedings of the 15th international conference on Security protocols
Understanding abstractions of secure channels
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Programming cryptographic protocols
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Distributed temporal logic for the analysis of security protocol models
Theoretical Computer Science
Honoring Carolyn Talcott's contributions to science
Formal modeling
State and Progress in Strand Spaces: Proving Fair Exchange
Journal of Automated Reasoning
Trusted multiplexing of cryptographic protocols
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Specifying and modelling secure channels in strand spaces
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Security protocol analysis with improved authentication tests
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Optimized initiation phases for anonymous auction protocols
HSI'05 Proceedings of the 3rd international conference on Human Society@Internet: web and Communication Technologies and Internet-Related Social Issues
Static analysis of authentication
Foundations of Security Analysis and Design III
Analysing applications layered on unilaterally authenticating protocols
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Completeness of the authentication tests
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
On the automated correction of security protocols susceptible to a replay attack
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Sessions and separability in security protocols
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Analysing TLS in the strand spaces model
Journal of Computer Security
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 5.23 |
Suppose a principal in a cryptographic protocol creates and transmits a message containing a new value v, later receiving v back in a different cryptographic context. It can be concluded that some principal possessing the relevant key has received and transformed the message in which v was emitted. In some circumstances, this principal must be a regular participant of the protocol, not the penetrator. An inference of this kind is an authentication test. We introduce two main kinds of authentication test. An outgoing test is one in which the new value v is transmitted in encrypted form, and only a regular participant can extract it from that form. An incoming test is one in which v is received back in encrypted form, and only a regular participant can put it in that form. We combine these two tests with a supplementary idea, the unsolicited test, and a related method for checking that keys remain secret. Together, these techniques determine what authentication properties are achieved by a wide range of cryptographic protocols. In this paper we introduce authentication tests and prove their soundness. We illustrate their power by giving new and straightforward proofs of security goals for several protocols. We also illustrate how to use the authentication tests as a heuristic for finding attacks against incorrect protocols. Finally, we suggest a protocol design process. We express these ideas in the strand space formalism (Thayer et al. J. Comput. Security 7 (1999) 191-230), which provides a convenient context to prove them correct.