ACM Transactions on Computer Systems (TOCS)
Reasoning about knowledge
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
A Formal Language for Cryptographic Protocol Requirements
Designs, Codes and Cryptography - Special issue dedicated to Gustavus J. Simmons
Secure electronic transactions: introduction and technical reference
Secure electronic transactions: introduction and technical reference
Inductive analysis of the Internet protocol TLS
ACM Transactions on Information and System Security (TISSEC)
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Authentication tests and the structure of bundles
Theoretical Computer Science
Agent Communication Languages: The Current Landscape
IEEE Intelligent Systems
Designing Secure Key Exchange Protocols
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Formal Verification of Cryptographic Protocols: A Survey
ASIACRYPT '94 Proceedings of the 4th International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
A Simple Logic for Authentication Protocol Design
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Athena: a New Efficient Automatic Checker for Security Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Security Protocol Design via Authentication Tests
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
On Unifying Some Cryptographic Protocol Logics
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Finite-state analysis of SSL 3.0
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Verifying the SET registration protocols
IEEE Journal on Selected Areas in Communications
International Journal of Web Engineering and Technology
| Hi-index | 0.00 |
We propose a novel multi-layers paradigm for the design of key exchange protocols. In the top layer, protocols are specified in a high-level, declarative, formal language using speech acts as the basic building blocks. The declarative semantics of speech acts are specified by their preconditions and effects like in Hoare logics. A protocol logic, called ProtoLog, is developed for reasoning about speech act oriented protocols. Using the language of speech acts, protocol designers could develop their protocols in an modular and compositional way that are correct from the outset. High-level speech act-oriented protocols are automatically translated into lower-level message exchanging protocols by a "protocol compiler" that implements speech acts by sending and receiving appropriate encrypted messages. To demonstrate the applicability of our idea, we apply it on the class of well-designed key exchange protocols where a protocol is well-designed if a speech act is executed only if its preconditions are satisfied. We develop a "protocol compiler" for the class of well-designed protocols and prove the soundness and a limited form of completeness of the protocol logic ProtoLog wrt the translation, implemented by the compiler, under the Dolev-Yao assumption of perfect cryptography. An immediate corollary from the soundness result is the guarantee of the secrecy of exchanged keys (an essential security requirement of key exchange protocols) in well-designed protocols.