Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
Proactive public key and signature systems
Proceedings of the 4th ACM conference on Computer and communications security
Authenticated group key agreement and friends
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
A calculus for cryptographic protocols
Information and Computation
Verifying secrets and relative secrecy
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
The faithfulness of abstract protocol analysis: message authentication
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Using a PVS Embedding of CSP to Verify Authentication Protocols
TPHOLs '97 Proceedings of the 10th International Conference on Theorem Proving in Higher Order Logics
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
On the Decidability of Cryptographic Protocols with Open-Ended Data Structures
CONCUR '02 Proceedings of the 13th International Conference on Concurrency Theory
Speeding Up Secret Computations with Insecure Auxiliary Devices
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Fair Computation of General Functions in Presence of Immoral Majority
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Robustness Principles for Public Key Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Protecting the Computation Results of Free-Roaming Agents
MA '98 Proceedings of the Second International Workshop on Mobile Agents
Mechanized proofs for a recursive authentication protocol
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Isabelle/HOL: a proof assistant for higher-order logic
Isabelle/HOL: a proof assistant for higher-order logic
Framework for malware resistance metrics
Proceedings of the 2nd ACM workshop on Quality of protection
Securing the drop-box architecture for assisted living
Proceedings of the fourth ACM workshop on Formal methods in security
Application of formal methods for analysis of authentication protocols
IWDC'04 Proceedings of the 6th international conference on Distributed Computing
Design of secure key establishment protocols: successes, failures and prospects
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
| Hi-index | 0.00 |
The application of formal methods for rigorously validating cryptographic protocols has been getting increasing attention. The de facto standard for modeling such protocols in formal proof systems is the Dolev-Yao model that, e.g., uses abstract encryption instead of cryptographic encryption primitives. The Dolev-Yao model has been originally intended and successfully used for detecting flaws in many protocols. However, recent publications claim to perform actual proofs of security using this model, i.e., absence of any attack. We doubt this claim and challenge Dolev-Yao-based models as being oversimplified for establishing security proofs against arbitrary attacks.We substantiate our claim by an example protocol. This protocol has been proven secure in a Dolev-Yao-based model using formal methods. In a later publication, the protocol has been broken by describing a cryptographic attack. The attack was not detected in the formal analysis since any Dolev-Yao-based model only comprises a predefined set of adversary capabilities. The particular attack to break the protocol was not comprised.The only reliable long-term remedy is to proof resilience against all attacks (both known and unknown ones). Recent approaches on cryptographic models of security have already made great progress towards this goal. Unfortunately, proofs in these are more complex and harder to automate. On the short run, it therefore is appropriate to improve the quality of formal analysis without striving for complete proofs. This can be achieved by means of evolving a catalog of adversary capabilities. Future formal analysis can then show resilience against any attack in this catalog. We initiate this discussion on an "adversary capability catalog" by providing a cryptographer's wish list. This list that points out several features which approaches based on the Dolev-Yao model or future extensions of it should cover in order to be effective for cryptographic protocol verification.