Authentication tests and the structure of bundles
Theoretical Computer Science
Security Goals: Packet Trajectories and Strand Spaces
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
FST TCS '02 Proceedings of the 22nd Conference Kanpur on Foundations of Software Technology and Theoretical Computer Science
Strand Spaces and Rank Functions: More than Distant Cousins
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Types and Effects for Asymmetric Cryptographic Protocols
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Security Protocol Design via Authentication Tests
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Authenticity by Typing for Security Protocols
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Study on strand space model theory
Journal of Computer Science and Technology
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Fast automatic synthesis of security protocols using backward search
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Authentication tests and disjoint encryption: A design method for security protocols
Journal of Computer Security - Special issue on CSFW15
Complexity of Checking Freshness of Cryptographic Protocols
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Computational Semantics for First-Order Logical Analysis of Cryptographic Protocols
Formal to Practical Security
Belief change and cryptographic protocol verification
AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 1
Completeness and Counter-Example Generations of a Basic Protocol Logic
Electronic Notes in Theoretical Computer Science (ENTCS)
One extension of authentication test based on strand space model
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Verification of authentication protocols based on the binding relation
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Authentication tests based on test type matrix
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Specifying and modelling secure channels in strand spaces
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Security protocol analysis with improved authentication tests
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
The inductive approach to strand space
FORTE'05 Proceedings of the 25th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
Completeness of the authentication tests
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Analysing TLS in the strand spaces model
Journal of Computer Security
Fast automatic security protocol generation
Journal of Computer Security
| Hi-index | 0.00 |
Suppose a principal in a cryptographic protocol creates and transmits a message containing a new value v, which it later receives back in cryptographically altered form. It can conclude that some principal possessing the relevant key has transformed the message containing v. In some circumstances, this must be a regular participant of the protocol, not the penetrator. An inference of this kind is an authentication test. We introduce two main kinds of authentication test. An outgoing test is one in which the new value v is transmitted in encrypted form, and only a regular participant can extract it from that form. An incoming test is one in which v is received back in encrypted form, and only a regular participant can put it in that form. We combine these two tests with a supplementary idea, the unsolicited test, and a related method for checking that certain values remain secret. Together, they determine what authentication properties are achieved by a wide range of cryptographic protocols. In this paper, we introduce authentication tests and illustrate their power, giving new and straightforward proofs of security goals for several protocols. We also illustrate how to use the authentication tests as a heuristic for finding attacks against incorrect protocols. Finally, we suggest a protocol design process. We express these ideas in the strand space formalism [21], and prove them correct elsewhere [8].