Automated Analysis of Some Security Mechanisms of SCEP

Authors:
Fabio Martinelli;Marinella Petrocchi;Anna Vaccarelli
Affiliations:
-;-;-
Venue:
ISC '02 Proceedings of the 5th International Conference on Information Security
Year:
2002

Citing 10
Cited 2

Using CSP to Detect Errors in the TMN Protocol

IEEE Transactions on Software Engineering
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Communication and Concurrency

Communication and Concurrency
Analysis of security protocols as open systems

Theoretical Computer Science
Non Interference for the Analysis of Cryptographic Protocols

ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
Automatic Verification of Cryptographic Protocols through Compositional Analysis Techniques

TACAS '99 Proceedings of the 5th International Conference on Tools and Algorithms for Construction and Analysis of Systems
Reasoning about Cryptographic Protocols in the Spi Calculus

CONCUR '97 Proceedings of the 8th International Conference on Concurrency Theory
Formal Verification of Cryptographic Protocols: A Survey

ASIACRYPT '94 Proceedings of the 4th International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Formal Support for Fault Modelling and Analysis

SAFECOMP '01 Proceedings of the 20th International Conference on Computer Safety, Reliability and Security
Efficient Finite-State Analysis for Large Security Protocols

CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations

Authenticity in a reliable protocol for mobile computing

Proceedings of the 2003 ACM symposium on Applied computing
A tool for the synthesis of cryptographic orchestrators

Proceedings of the Workshop on Model-Driven Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The paper analyzes SCEP, the Simple Certificate Enrollment Procedure, a two-way communication protocol to manage the secure emission of digital certificates to network devices. The protocol provides a consistent method of requesting and receiving certificates from different Certification Authorities by offering an open and scalable solution for deploying certificates which can be beneficial to all network devices and IPSEC software solutions.We formally analyze SCEP through a software tool for the automatic analysis of cryptographic protocols able to discover, at a conceptual level, attacks against security procedures. Our method of survey contributes towards a better understanding of the structure and aims of a protocol both for developers, analyzers and final users.