Efficient and timely mutual authentication
ACM SIGOPS Operating Systems Review
Selected papers of the Second Workshop on Concurrency and compositionality
Model checking and modular verification
ACM Transactions on Programming Languages and Systems (TOPLAS)
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
An approach to the formal verification of cryptographic protocols
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verifying Authentication Protocols in CSP
IEEE Transactions on Software Engineering
A calculus for cryptographic protocols
Information and Computation
Integrating functional and imperative programming
LFP '86 Proceedings of the 1986 ACM conference on LISP and functional programming
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Typing a multi-language intermediate code
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A compiler for analyzing cryptographic protocols using noninterference
ACM Transactions on Software Engineering and Methodology (TOSEM)
Java Virtual Machine Specification
Java Virtual Machine Specification
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Athena: a New Efficient Automatic Checker for Security Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
TAPS: A First-Order Verifier for Cryptographic Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Towards Automatic Verification of Authentication Protocols on an Unbounded Network
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Types and Effects for Asymmetric Cryptographic Protocols
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
What do we mean by entity authentication?
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Notes on Nominal Calculi for Security and Mobility
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
A semantics for web services authentication
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Correspondence assertions for process synchronization in concurrent communications
Journal of Functional Programming
Secrecy despite compromise: types, cryptography, and the pi-calculus
CONCUR 2005 - Concurrency Theory
Timed spi-calculus with types for secrecy and authenticity
CONCUR 2005 - Concurrency Theory
Secrecy types for a simulatable cryptographic library
Proceedings of the 12th ACM conference on Computer and communications security
Information and Computation
Computationally sound secrecy proofs by mechanized flow analysis
Proceedings of the 13th ACM conference on Computer and communications security
A semantics for web services authentication
Theoretical Computer Science - Theoretical foundations of security analysis and design II
Component adaptation through flexible subservicing
Science of Computer Programming - Special issue on security issues in coordination models, languages, and systems
A type discipline for authorization policies
ACM Transactions on Programming Languages and Systems (TOPLAS) - Special Issue ESOP'05
Dynamic types for authentication
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Verifying policy-based web services security
ACM Transactions on Programming Languages and Systems (TOPLAS)
A secure compiler for session abstractions
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
Proceedings of the 15th ACM conference on Computer and communications security
Type-Based Automated Verification of Authenticity in Cryptographic Protocols
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Verification of Correspondence Assertions in a Calculus for Mobile Ad Hoc Networks
Electronic Notes in Theoretical Computer Science (ENTCS)
Automatic verification of correspondences for security protocols
Journal of Computer Security
Type Inference for Correspondence Types
Electronic Notes in Theoretical Computer Science (ENTCS)
Typechecking Safe Process Synchronization
Electronic Notes in Theoretical Computer Science (ENTCS)
Modular verification of security protocol code by typing
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
TAPIDO: trust and authorization via provenance and integrity in distributed objects
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
A protocol compiler for secure sessions in ML
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure distributed programming with value-dependent types
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
CONCUR'11 Proceedings of the 22nd international conference on Concurrency theory
Type-based automated verification of authenticity in asymmetric cryptographic protocols
ATVA'11 Proceedings of the 9th international conference on Automated technology for verification and analysis
Dynamic policy discovery with remote attestation
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Reflections on trust: trust assurance by dynamic discovery of static properties
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
A type discipline for authorization policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Analyzing security protocols in hierarchical networks
ATVA'06 Proceedings of the 4th international conference on Automated Technology for Verification and Analysis
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Is cryptyc able to detect insider attacks?
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Logical foundations of secure resource management in protocol implementations
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Noninterference in a predicative polymorphic calculus for access control
Computer Languages, Systems and Structures
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
We propose a new method to check authenticity properties of cryptographic protocols. First, code up the protocol in the spi-calculus of Abadi and Gordon. Second, specify authenticity properties by annotating the code with correspondence assertions in the style of Woo and Lam. Third, figure out types for the keys, nonces, and messages of the protocol. Fourth, check that the spi-calculus code is well-typed according to a novel type and effect system presented in this paper. Our main theorem guarantees that any well-typed protocol is robustly safe, that is, its correspondence assertions are true in the presence of any opponent expressible in spi. It is feasible to apply this method by hand to several well-known cryptographic protocols. It requires little human effort per protocol, puts no bound on the size of the opponent, and requires no state space enumeration. Moreover, the types for protocol data provide some intuitive explanation of how the protocol works. This paper describes our method and gives some simple examples. Our method has led us to the independent rediscovery of flaws in existing protocols and to the design of improved protocols.