Proving security protocols with model checkers by data independence techniques
Journal of Computer Security
Casper: a compiler for the analysis of security protocols
Journal of Computer Security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Athena: a novel approach to efficient automatic security protocol analysis
Journal of Computer Security
The Theory and Practice of Concurrency
The Theory and Practice of Concurrency
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Key Distribution Protocol for Digital Mobile Communication Systems
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Proving Security Protocols with Model Checkers by Data Independence Techniques
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Verification of cryptographic protocols: tagging enforces termination
Theoretical Computer Science - Foundations of software science and computation structures
Embedding agents within the intruder to detect parallel attacks
Journal of Computer Security - Special issue on CSFW15
Verification of cryptographic Protocols: tagging enforces termination
FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
Verifying security protocols: an application of CSP
CSP'04 Proceedings of the 2004 international conference on Communicating Sequential Processes: the First 25 Years
We carry forward the work described in our previous papers [3,14,12] on the application of data independence to the model checking of cryptographic protocols using CSP [13] and FDR [5]. In particular, we showed how techniques based on data independence [7,13] could be used to justify, by means of a finite FDR check, systems where agents can perform an unbounded number of protocol runs. Whilst this allows for a more complete analysis, there was one significant incompleteness in the results we obtained: while each individual identity could perform an unlimited number of protocol runs sequentially, the degree of parallelism remained bounded (and small to avoid state space explosion). In this paper, we report significant progress towards the solution of this problem, by means anticipated in [3], namely by "internalising" all or part of each agent identity within the "intruder" process. The internalisation of agents (initially only server roles) was introduced in [14] as a state-space reduction technique (for which it is usually spectacularly successful). It was quickly noticed that this had the beneficial side-effect of making the internalised server arbitrarily parallel, at least in cases where it did not generate any new values of data independent type. We now consider the case where internal agents do introduce fresh values and address the issue of capturing the state of mind of internal agents (for the purposes of analysis).