A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
A nested mutual authentication protocol
ACM SIGOPS Operating Systems Review
Security analysis of the cliques protocols suites: first results
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
Probabilistic Polynomial-Time Process Calculus and Security Protocol Analysis
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Proof Techniques for Cryptographic Protocols
ICAL '99 Proceedings of the 26th International Colloquium on Automata, Languages and Programming
The Logic of Authentication Protocols
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
On the Decidability of Cryptographic Protocols with Open-Ended Data Structures
CONCUR '02 Proceedings of the 13th International Conference on Concurrency Theory
Probabilistic Polynomial-Time Equivalence and Security Analysis
FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume I - Volume I
A Security Analysis of the Cliques Protocols Suites
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Some attacks upon authenticated group key agreement protocols
Journal of Computer Security - Special issue on CSFW14
Proceedings of the 2003 workshop on New security paradigms
Security properties: two agents are sufficient
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Multiset rewriting and the complexity of bounded security protocols
Journal of Computer Security
An NP decision procedure for protocol insecurity with XOR
Theoretical Computer Science
Selecting theories and recursive protocols
CONCUR 2005 - Concurrency Theory
A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols
Theoretical Computer Science
Symbolic protocol analysis with an Abelian group operator or Diffie-Hellman exponentiation
Journal of Computer Security
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
A survey of algebraic properties used in cryptographic protocols
Journal of Computer Security
Secrecy by interpretation functions
Knowledge-Based Systems
Transducer-based analysis of cryptographic protocols
Information and Computation
Linearity, Persistence and Testing Semantics in the Asynchronous Pi-Calculus
Electronic Notes in Theoretical Computer Science (ENTCS)
ACM Transactions on Computational Logic (TOCL)
Interpretation functions-based method to verify secrecy under equational theories
TELE-INFO'08 Proceedings of the 7th WSEAS International Conference on Telecommunications and Informatics
Authentication Revisited: Flaw or Not, the Recursive Authentication Protocol
ATVA '08 Proceedings of the 6th International Symposium on Automated Technology for Verification and Analysis
Secrecy of cryptographic protocols under equational theory
Knowledge-Based Systems
Real-or-random Key Secrecy of the Otway-Rees Protocol via a Symbolic Security Proof
Electronic Notes in Theoretical Computer Science (ENTCS)
On the Relationship Between Web Services Security and Traditional Protocols
Electronic Notes in Theoretical Computer Science (ENTCS)
RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
On the automatic analysis of recursive security protocols with XOR
STACS'07 Proceedings of the 24th annual conference on Theoretical aspects of computer science
Security properties: two agents are sufficient
ESOP'03 Proceedings of the 12th European conference on Programming
Calibrating the power of schedulers for probabilistic polynomial-time calculus
Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Secure transaction protocol analysis: models and applications
Secure transaction protocol analysis: models and applications
Deciding security for protocols with recursive tests
CADE'11 Proceedings of the 23rd international conference on Automated deduction
Application of formal methods for analysis of authentication protocols
IWDC'04 Proceedings of the 6th international conference on Distributed Computing
Computationally sound, automated proofs for security protocols
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
The finite variant property: how to get rid of some algebraic properties
RTA'05 Proceedings of the 16th international conference on Term Rewriting and Applications
Alternation in equational tree automata modulo XOR
FSTTCS'04 Proceedings of the 24th international conference on Foundations of Software Technology and Theoretical Computer Science
Verification of security protocols with lists: from length one to unbounded length
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Automatic verification of protocols with lists of unbounded length
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Verification of security protocols with lists: From length one to unbounded length
Journal of Computer Security - Security and Trust Principles
| Hi-index | 0.00 |
A novel protocol has been formally analyzed using the prover Isabelle/HOL, following the inductive approach described in earlier work (L.C. Paulson, 1997). There is no limit on the length of a run, the nesting of messages or the number of agents involved. A single run of the protocol delivers session keys for all the agents, allowing neighbours to perform mutual authentication. The basic security theorem states that session keys are correctly delivered to adjacent pairs of honest agents, regardless of whether other agents in the chain are compromised. The protocol's complexity caused some difficulties in the specification and proofs, but its symmetry reduced the number of theorems to prove.