An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
An attack on a recursive authentication protocol. A cautionary tale
Information Processing Letters
Towards a completeness result for model checking of security protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Athena: a novel approach to efficient automatic security protocol analysis
Journal of Computer Security
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
On Name Generation and Set-Based Analysis in the Dolev-Yao Model
CONCUR '02 Proceedings of the 13th International Conference on Concurrency Theory
On the Decidability of Cryptographic Protocols with Open-Ended Data Structures
CONCUR '02 Proceedings of the 13th International Conference on Concurrency Theory
A Bound on Attacks on Authentication Protocols
TCS '02 Proceedings of the IFIP 17th World Computer Congress - TC1 Stream / 2nd IFIP International Conference on Theoretical Computer Science: Foundations of Information Technology in the Era of Networking and Mobile Computing
Automated Unbounded Verification of Security Protocols
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An NP Decision Procedure for Protocol Insecurity with XOR
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Mechanized proofs for a recursive authentication protocol
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Protocol Insecurity with Finite Number of Sessions is NP-Complete
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Computing Symbolic Models for Verifying Cryptographic Protocols
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Finite-state analysis of SSL 3.0
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
An E-unification algorithm for analyzing protocols that use modular exponentiation
RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
On the semantics of Alice&Bob specifications of security protocols
Theoretical Computer Science - Automated reasoning for security protocol analysis
Complexity of Checking Freshness of Cryptographic Protocols
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Automatic verification of correspondences for security protocols
Journal of Computer Security
Correcting and Improving the NP Proof for Cryptographic Protocol Insecurity
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Automated Security Protocol Analysis With the AVISPA Tool
Electronic Notes in Theoretical Computer Science (ENTCS)
Approximation-based tree regular model-checking
Nordic Journal of Computing
Bounded memory Dolev-Yao adversaries in collaborative systems
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Handling algebraic properties in automatic analysis of security protocols
ICTAC'06 Proceedings of the Third international conference on Theoretical Aspects of Computing
Distributed orchestration of web services under security constraints
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Hi-index | 5.23 |
We provide a method for deciding the insecurity of cryptographic protocols in the presence of the standard Dolev-Yao intruder (with a finite number of sessions) extended with so-called oracle rules, i.e., deduction rules that satisfy certain conditions. As an instance of this general framework, we obtain that protocol insecurity is in NP for an intruder that can exploit the properties of the exclusive or (XOR) operator. This operator is frequently used in cryptographic protocols but cannot be handled in most protocol models. An immediate consequence of our proof is that checking whether a message can be derived by an intruder (using XOR) is in PTIME. We also apply our framework to an intruder that exploits properties of certain encryption modes such as cipher block chaining (CBC).