Dynamic analysis of security protocols
Proceedings of the 2000 workshop on New security paradigms
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
An environment for security protocol intrusion detection
Journal of Computer Security
Petri nets in cryptographic protocols
IPDPS '01 Proceedings of the 15th International Parallel & Distributed Processing Symposium
Symbolic Trace Analysis of Cryptographic Protocols
ICALP '01 Proceedings of the 28th International Colloquium on Automata, Languages and Programming,
Model Checking: A Tutorial Overview
MOVEP '00 Proceedings of the 4th Summer School on Modeling and Verification of Parallel Processes
On the Reachability Problem in Cryptographic Protocols
CONCUR '00 Proceedings of the 11th International Conference on Concurrency Theory
SET Cardholder Registration: The Secrecy Proofs
IJCAR '01 Proceedings of the First International Joint Conference on Automated Reasoning
Model checking: a tutorial overview
Modeling and verification of parallel processes
Inductive verification of smart card protocols
Journal of Computer Security
Preventing type flaw attacks on security protocols with a simplified tagging scheme
ISICT '04 Proceedings of the 2004 international symposium on Information and communication technologies
Unguessable Atoms: A Logical Foundation for Security
VSTTE '08 Proceedings of the 2nd international conference on Verified Software: Theories, Tools, Experiments
A type-theoretic framework for formal reasoning with different logical foundations
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Requirements for security protocols
TELE-INFO'06 Proceedings of the 5th WSEAS international conference on Telecommunications and informatics
Editorial: Recent developments in high performance computing and security: An editorial
Future Generation Computer Systems
| Hi-index | 0.00 |
Security protocols use cryptography to set up private communication channels on an insecure network. Many protocols contain flaws, and because security goals are seldom specified in detail, we cannot be certain what constitutes a flaw. Thanks to recent work by a number of researchers, security protocols can now be analyzed formally.The paper outlines the problem area, emphasizing the notion of freshness. It describes how a protocol can be specified using operational semantics and properties proved by rule induction, with machine support from the proof tool Isabelle. The main example compares two versions of the Yahalom protocol. Unless the model of the environment is sufficiently detailed, it cannot distinguish the correct protocol from a flawed version.The paper attempts to draw some general lessons on the use of formalisms. Compared with model checking, the inductive method performs a finer analysis, but the cost of using it is greater.