How to construct random functions
Journal of the ACM (JACM)
Secret-key agreement without public-key
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Provably secure session key distribution: the three party case
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
Inductive analysis of the Internet protocol TLS
ACM Transactions on Information and System Security (TISSEC)
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAS '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Kerberos Version 4: Inductive Analysis of the Secrecy Goals
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Implementation of a Provably Secure, Smartcard-Based Key Distribution Protocol
CARDIS '98 Proceedings of the International Conference on Smart Card Research and Applications
Mechanising a Protocol for Smart Cards
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Low Cost Attacks on Tamper Resistant Devices
Proceedings of the 5th International Workshop on Security Protocols
Modelling Agents' Knowledge Inductively
Proceedings of the 7th International Workshop on Security Protocols
Fault Induction Attacks, Tamper Resistance, and Hostile Reverse Engineering in Perspective
FC '97 Proceedings of the First International Conference on Financial Cryptography
Integrating Smart Cards Into Authentication Systems
Proceedings of the International Conference on Cryptography: Policy and Algorithms
CAPSL Interface for the NRL Protocol Analyzer
ASSET '99 Proceedings of the 1999 IEEE Symposium on Application - Specific Systems and Software Engineering and Technology
Proving Security Protocols Correct
LICS '99 Proceedings of the 14th Annual IEEE Symposium on Logic in Computer Science
Design principles for tamper-resistant smartcard processors
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology
Smartcard integration with Kerberos V5
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology
The modelling and analysis of security protocols: the csp approach
The modelling and analysis of security protocols: the csp approach
Session key distribution using smart cards
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Lack of Explicitness Strikes Back
Revised Papers from the 8th International Workshop on Security Protocols
Availability of protocol goals
Proceedings of the 2003 ACM symposium on Applied computing
Deciding knowledge properties of security protocols
TARK '05 Proceedings of the 10th conference on Theoretical aspects of rationality and knowledge
A Family of Trusted Third Party Based Fair-Exchange Protocols
IEEE Transactions on Dependable and Secure Computing
Accountability protocols: Formalized and verified
ACM Transactions on Information and System Security (TISSEC)
A (restricted) quantifier elimination for security protocols
Theoretical Computer Science - Automated reasoning for security protocol analysis
Is the verification problem for cryptographic protocols solved?
Proceedings of the 11th international conference on Security Protocols
Biometrics to enhance smartcard security
Proceedings of the 11th international conference on Security Protocols
An existing approach based on induction and theorem proving is tailored to the verification of security protocols that make use of smart cards. Smart cards are modelled operationally, hence only their functionalities, rather than their implementation details, are of interest. The spy can steal certain smart cards, and clone others while learning their stored secrets. In terms of generality, the approach scales up to protocols that assume secure or insecure means between agents and smart cards, as well as to smart cards being PIN-operated or PIN-less. In terms of extensibility, new, application-dependent smart card functionalities can be easily included.

The approach is demonstrated on the key distribution protocol designed by Shoup and Rubin [30], and the assumptions on the smart cards that are necessary for the protocol goals to be met are studied. It is found that, if the data buses of the smart cards are so unreliable as to produce outputs in an unspecified order, then the protocol does not confirm to the peers its goals of confidentiality, authentication, and key distribution, because of a lack of explicitness. A simple fix is introduced and proved.