Formal specification of abstract memory models
Proceedings of the 1993 symposium on Research on integrated systems
System design methodology of ultraSPARC-I
DAC '95 Proceedings of the 32nd annual ACM/IEEE Design Automation Conference
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Automatic verification of the SCI cache coherence protocol
CHARME '95 Proceedings of the IFIP WG 10.5 Advanced Research Working Conference on Correct Hardware Design and Verification Methods
The Murphi Verification System
CAV '96 Proceedings of the 8th International Conference on Computer Aided Verification
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Analysis of a scheduler for a CAD framework
Proceedings of the 21st international conference on Software engineering
Inductive analysis of the Internet protocol TLS
ACM Transactions on Information and System Security (TISSEC)
Programming language methods in computer security
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure password-based cipher suite for TLS
ACM Transactions on Information and System Security (TISSEC)
A conservative algorithm for computing the flow of permissions in Java programs
ISSTA '02 Proceedings of the 2002 ACM SIGSOFT international symposium on Software testing and analysis
Finite-state analysis of two contract signing protocols
Theoretical Computer Science
Formal verification of standards for distance vector routing protocols
Journal of the ACM (JACM)
An attack-finding algorithm for security protocols
Journal of Computer Science and Technology
A New Logic for Electronic Commerce Protocols
AMAST '00 Proceedings of the 8th International Conference on Algebraic Methodology and Software Technology
An Intelligent Intruder Model for Security Protocol Analysis
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
A Top-Down Look at a Secure Message
Proceedings of the 19th Conference on Foundations of Software Technology and Theoretical Computer Science
Verification of the SSL/TLS Protocol Using a Model Checkable Logic of Belief and Time
SAFECOMP '02 Proceedings of the 21st International Conference on Computer Safety, Reliability and Security
Analysis of Abuse-Free Contract Signing
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
A Uniform Approach for the Definition of Security Properties
FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume I - Volume I
Source-Level Transformations for Improved Formal Verification
ICCD '00 Proceedings of the 2000 IEEE International Conference on Computer Design: VLSI in Computers & Processors
First-order verification of cryptographic protocols
Journal of Computer Security - CSFW13
Running-mode analysis of the Security Socket Layer protocol
ACM SIGOPS Operating Systems Review
Analysis of the 802.11i 4-way handshake
Proceedings of the 3rd ACM workshop on Wireless security
Stepwise development of security protocols: a speech act-oriented approach
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
ACM Transactions on Information and System Security (TISSEC)
Using static analysis to validate the SAML single sign-on protocol
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Formal analysis of modern security protocols
Information Sciences—Informatics and Computer Science: An International Journal
Security analysis of network protocols: logical and computational methods
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
An NP decision procedure for protocol insecurity with XOR
Theoretical Computer Science
A modular correctness proof of IEEE 802.11i and TLS
Proceedings of the 12th ACM conference on Computer and communications security
Computer-assisted verification of a protocol for certified email
Science of Computer Programming - Special issue: Static analysis symposium (SAS 2003)
Modelling the relative strength of security protocols
Proceedings of the 2nd ACM workshop on Quality of protection
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
Secrecy by interpretation functions
Knowledge-Based Systems
Breaking and fixing public-key Kerberos
Information and Computation
A secure and efficient authentication scheme for mobile users
International Journal of Mobile Communications
Computationally sound mechanized proofs for basic and public-key Kerberos
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Enforcing User-Aware Browser-Based Mutual Authentication with Strong Locked Same Origin Policy
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Cryptographically verified implementations for TLS
Proceedings of the 15th ACM conference on Computer and communications security
Universally Composable Security Analysis of TLS
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
A Modular Security Analysis of the TLS Handshake Protocol
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Model checking nash equilibria in MAD distributed systems
Proceedings of the 2008 International Conference on Formal Methods in Computer-Aided Design
SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle
Computer Communications
Extending Security Protocol Analysis: New Challenges
Electronic Notes in Theoretical Computer Science (ENTCS)
Computer-assisted verification of a protocol for certified email
SAS'03 Proceedings of the 10th international conference on Static analysis
Symbolic model checking temporal logics of knowledge in multi-agent system via extended Mu-calculus
LSMS'07 Proceedings of the Life system modeling and simulation 2007 international conference on Bio-Inspired computational intelligence and applications
Breaking and fixing public-key Kerberos
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Analysis of EAP-GPSK authentication protocol
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Security protocols: principles and calculi tutorial notes
Foundations of security analysis and design IV
Compositional System Security with Interface-Confined Adversaries
Electronic Notes in Theoretical Computer Science (ENTCS)
A mobile network operator-independent mobile signature service
Journal of Network and Computer Applications
Inductive trace properties for computational security
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Analyzing and improving Linux kernel memory protection: a model checking approach
Proceedings of the 26th Annual Computer Security Applications Conference
SSL/TLS session-aware user authentication using a GAA bootstrapped key
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Verified Cryptographic Implementations for TLS
ACM Transactions on Information and System Security (TISSEC) - Special Issue on Computer and Communications Security
Formal security analysis of Ariadne secure routing protocol using model checking
International Journal of Ad Hoc and Ubiquitous Computing
A formal security model of a smart card web server
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Security Verification of Hardware-enabled Attestation Protocols
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
Analysing TLS in the strand spaces model
Journal of Computer Security
From Qualitative to Quantitative Proofs of Security Properties Using First-Order Conditional Logic
LICS '13 Proceedings of the 2013 28th Annual ACM/IEEE Symposium on Logic in Computer Science
Hi-index | 0.00 |
The Secure Sockets Layer (SSL) protocol is analyzed using a finite-state enumeration tool called Murϕ. The analysis is presented using a sequence of incremental approximations to the SSL 3.0 handshake protocol. Each simplified protocol is "model-checked" using Murϕ, with the next protocol in the sequence obtained by correcting errors that Murϕ finds automatically. This process identifies the main shortcomings in SSL 2.0 that led to the design of SSL 3.0, as well as a few anomalies in the protocol that is used to resume a session in SSL 3.0. In addition to some insight into SSL, this study demonstrates the feasibility of using formal methods to analyze commercial protocols.