A lesson on authentication protocol design
ACM SIGOPS Operating Systems Review
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
A Model for Secure Protocols and Their Compositions
IEEE Transactions on Software Engineering
Towards a completeness result for model checking of security protocols
Journal of Computer Security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Fault-perserving simplifying transformations for security protocols
Journal of Computer Security
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
On the symbolic reduction of processes with cryptographic functions
Theoretical Computer Science
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
On Name Generation and Set-Based Analysis in the Dolev-Yao Model
CONCUR '02 Proceedings of the 13th International Conference on Concurrency Theory
Protocol insecurity with a finite number of sessions and composed keys is NP-complete
Theoretical Computer Science
Verification of cryptographic Protocols: tagging enforces termination
FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
Deciding knowledge properties of security protocols
TARK '05 Proceedings of the 10th conference on Theoretical aspects of rationality and knowledge
A (restricted) quantifier elimination for security protocols
Theoretical Computer Science - Automated reasoning for security protocol analysis
Knowledge-based modelling of voting protocols
TARK '07 Proceedings of the 11th conference on Theoretical aspects of rationality and knowledge
Using SPIN to Detect Vulnerabilities in the AACS Drive-Host Authentication Protocol
FORTE '08 Proceedings of the 28th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
From One Session to Many: Dynamic Tags for Security Protocols
LPAR '08 Proceedings of the 15th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning
Deciding security properties for cryptographic protocols. application to key cycles
ACM Transactions on Computational Logic (TOCL)
Associative-commutative deducibility constraints
STACS'07 Proceedings of the 24th annual conference on Theoretical aspects of computer science
Searching for shapes in cryptographic protocols
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Name creation vs. replication in Petri net systems
ICATPN'07 Proceedings of the 28th international conference on Applications and theory of Petri nets and other models of concurrency
A dolev-yao model for zero knowledge
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Generic verification of security protocols
SPIN'05 Proceedings of the 12th international conference on Model Checking Software
Soundness of removing cancellation identities in protocol analysis under Exclusive-OR
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Knowing that, knowing what, and public communication: public announcement logic with Kv operators
IJCAI'13 Proceedings of the Twenty-Third international joint conference on Artificial Intelligence
Composition of password-based protocols
Formal Methods in System Design
Hi-index | 0.00 |
An important problem in the analysis of security protocols is that of checking whether a protocol preserves secrecy, i.e., no secret owned by the honest agents is unintentionally revealed to the intruder. This problem has been proved to be undecidable in several settings. In particular, Durgin et al. prove the undecidability of the secrecy problem in the presence of an unbounded set of nonces, even when the message length is bounded. In this paper we prove that even in the presence of an unbounded set of nonces the secrecy problem is decidable for a reasonable subclass of protocols, which we call context-explicit protocols.