A lesson on authentication protocol design
ACM SIGOPS Operating Systems Review
Strand spaces: proving security protocols correct
Journal of Computer Security
Inductive methods and contract-signing protocols
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Authentication tests and the structure of bundles
Theoretical Computer Science
Security Goals: Packet Trajectories and Strand Spaces
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
A Simple Logic for Authentication Protocol Design
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Athena: a New Efficient Automatic Checker for Security Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Types and Effects for Asymmetric Cryptographic Protocols
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Game Analysis of Abuse-free Contract Signing
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Authenticity by Typing for Security Protocols
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Prudent Engineering Practice for Cryptographic Protocols
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Stepwise development of security protocols: a speech act-oriented approach
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Fast automatic synthesis of security protocols using backward search
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
The faithfulness of abstract protocol analysis: message authentication
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
A collaborative approach to autonomic security protocols
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
The ρ-spi Calculus at Work: Authentication Case Studies
Electronic Notes in Theoretical Computer Science (ENTCS)
Verification of authentication protocols based on the binding relation
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Authentication tests based on test type matrix
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Sequential protocol composition in maude-NPA
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
AnBx: security protocols design and verification
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Towards a framework for autonomic security protocols
Proceedings of the 11th international conference on Security Protocols
Optimized initiation phases for anonymous auction protocols
HSI'05 Proceedings of the 3rd international conference on Human Society@Internet: web and Communication Technologies and Internet-Related Social Issues
Formal construction of secure information transmission in office automation system
WISM'12 Proceedings of the 2012 international conference on Web Information Systems and Mining
Fast automatic security protocol generation
Journal of Computer Security
| Hi-index | 0.00 |
We describe a protocol design process, and illustrate its use by creating ATSPEC, anAuthentication Test-based Secure Protocol for Electronic Commerce Transactions. The design process is organized around the authentication tests, a method for protocol verification based on the strand space theory. The authentication tests dictate how randomly generated values such as nonces may be combined with encryption to achieve authentication and freshness.ATSPEC offers functionality and security guarantees akin to the purchase request, payment authorization, and payment capture phases of SET, the secure electronic transaction standard created by the major credit card firms.