Conditional rewriting logic as a unified model of concurrency
Selected papers of the Second Workshop on Concurrency and compositionality
Verifying Authentication Protocols in CSP
IEEE Transactions on Software Engineering
Using encryption for authentication in large networks of computers
Communications of the ACM
Kerberos Version 4: Inductive Analysis of the Secrecy Goals
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Entity Authentication and Key Distribution
CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
PROCOMET '98 Proceedings of the IFIP TC2/WG2.2,2.3 International Conference on Programming Concepts and Methods
Honest Ideals on Strand Spaces
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
A Formal Analysis of Some Properties of Kerberos 5 Using MSR
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A composable cryptographic library with nested operations
Proceedings of the 10th ACM conference on Computer and communications security
Kerberos: The Definitive Guide
Kerberos: The Definitive Guide
Multiset rewriting and the complexity of bounded security protocols
Journal of Computer Security
Specifying Kerberos 5 cross-realm authentication
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
An Encapsulated Authentication Logic for Reasoning about Key Distribution Protocols
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
A comparison between strand spaces and multiset rewriting for security protocol analysis
Journal of Computer Security
A decision procedure for the existence of a rank function
Journal of Computer Security
Electronic Notes in Theoretical Computer Science (ENTCS)
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
Breaking and fixing public-key Kerberos
Information and Computation
Rule-based static analysis of network protocol implementations
Information and Computation
Computationally sound mechanized proofs for basic and public-key Kerberos
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Proceedings of the 15th ACM conference on Computer and communications security
Looking at a class of RFID APs through GNY logic
International Journal of Security and Networks
Breaking and fixing public-key Kerberos
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Computational soundness of symbolic zero-knowledge proofs
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Bounded memory Dolev-Yao adversaries in collaborative systems
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Union and intersection types for secure protocol implementations
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
G2C: cryptographic protocols from goal-driven specifications
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Security enhancement of the communication-efficient AUTHMAC_DH protocols
Security and Communication Networks
A security enhanced authentication and key distribution protocol for wireless networks
Security and Communication Networks
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
We report on the detailed verification of a substantial portion of the Kerberos 5 protocol specification. Because it targeted a deployed protocol rather than an academic abstraction, this multiyear effort led to the development of new analysis methods in order to manage the inherent complexity. This enabled proving that Kerberos supports the expected authentication and confidentiality properties, and that it is structurally sound; these results rely on a pair of intertwined inductions. Our work also detected a number of innocuous but nonetheless unexpected behaviors, and it clearly described how vulnerable the cross-realm authentication support of Kerberos is to the compromise of remote administrative domains.