Inductive proofs of secrecy invariants for cryptographic protocols can be facilitated by separating the protocol-dependent part from the protocol-independent part. Our secrecy theorem encapsulates the use of induction so that the discharge of protocol-specific proof obligations is reduced to first-order reasoning. In addition, the verification conditions are modularly associated with the protocol messages. Secrecy proofs for Otway-Rees and the corrected Needham-Schroeder protocol are given.