Provably secure session key distribution: the three party case
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
Using CSP to Detect Errors in the TMN Protocol
IEEE Transactions on Software Engineering
Inductive analysis of the Internet protocol TLS
ACM Transactions on Information and System Security (TISSEC)
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Robustness Principles for Public Key Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Inductive verification of smart card protocols
Journal of Computer Security
Proving Properties of Security Protocols by Induction
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Limitations on Design Principles for Public Key Protocols
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
The modelling and analysis of security protocols: the csp approach
The modelling and analysis of security protocols: the csp approach
Session key distribution using smart cards
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Verifying the SET registration protocols
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
A new principle for prudent design of security protocols is developed to extend and complement the existing ones. Called goal availability, the principle requires that a given protocol goal be confirmed by a formal guarantee that the principals can invoke in practice. In consequence, the guarantees must be based on assumptions that the principals are able to verify. Analysing known protocols in the light of the new principle highlights unknown features. for example, an established BAN-logic claim is undermined, and some weaknesses of a modern smart card protocol are discovered. Our findings support the general claim that checking a protocol against goal availability helps discover unspotted lacks of explicitness in the protocol messages. The protocol analyses reported here are all machine assisted, but goal availability serves for protocol analysis in general.