Proceedings of the 6th ACM workshop on Formal methods in security engineering
Automatic Methods for Analyzing Non-repudiation Protocols with an Active Intruder
Formal Aspects in Security and Trust
TAGED Approximations for Temporal Properties Model-Checking
CIAA '09 Proceedings of the 14th International Conference on Implementation and Application of Automata
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Multi-Attacker Protocol Validation
Journal of Automated Reasoning
Understanding abstractions of secure channels
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Complexity of fairness constraints for the Dolev-Yao attacker model
Proceedings of the 2011 ACM Symposium on Applied Computing
Analysing protocol stacks for services
Rigorous software engineering for service-oriented systems
Model checking of security-sensitive business processes
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Specifying and modelling secure channels in strand spaces
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
NeVer: a tool for artificial neural networks verification
Annals of Mathematics and Artificial Intelligence
LTL model-checking for security protocols
AI Communications
Analysing applications layered on unilaterally authenticating protocols
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Most model checking techniques for security protocols make a number of simplifying assumptions about the protocol and/or its execution environment that prevent their application in some important cases. For instance, most techniques assume that communication between honest principals is controlled by a Dolev-Yao intruder, i.e. a malicious agent capable of overhearing, diverting, and faking messages. Yet we might be interested in establishing the security of a protocol that relies on a less insecure channel (e.g. a confidential channel provided by some other protocol sitting lower in the protocol stack). In this paper we propose a general model for security protocols based on the set-rewriting formalism that, coupled with the use of LTL, allows for the specification of assumptions on principals and communication channels as well as complex security properties that are normally not handled by state-of-the-art protocol analysers. Using our approach we have been able to formalise all the assumptions required by the ASW protocol for optimistic fair exchange as well as some of its security properties. Besides the previously reported attacks on the protocol, we report a new attack on a patched version of the protocol.
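To make the abstract's point concrete, the following is an added toy model, written for this page and not the paper's set-rewriting tool: a one-message protocol A -> B : m explored by explicit-state search with a Dolev-Yao intruder whose capabilities on the channel are a parameter (read and/or inject), and two properties checked as invariants, i.e. the G-fragment of LTL. The protocol, the channel classes, the intruder's initial knowledge ('i', 'n_i') and the key name 'kab' are constructed for illustration; the paper's richer properties (fairness for ASW) are not modelled here.

```python
"""Added example (not from the paper): Dolev-Yao deduction, channel
assumptions and invariant (G phi) checking over a one-message protocol."""
from collections import deque

# Terms: atoms are strings; ('pair', t1, t2); ('enc', key, t) is symmetric encryption.

def analyze(knowledge):
    """Close a knowledge set under Dolev-Yao decomposition: split pairs and
    decrypt ciphertexts whose (symmetric) key is already known."""
    k = set(knowledge)
    changed = True
    while changed:
        changed = False
        for t in list(k):
            if not isinstance(t, tuple):
                continue
            if t[0] == 'pair':
                new = {t[1], t[2]}
            elif t[0] == 'enc' and t[1] in k:
                new = {t[2]}
            else:
                continue
            if not new <= k:
                k |= new
                changed = True
    return frozenset(k)

def derivable(term, knowledge):
    """Can the intruder build `term` from `knowledge` by pairing / encrypting?"""
    if term in knowledge:
        return True
    if isinstance(term, tuple) and term[0] in ('pair', 'enc'):
        return derivable(term[1], knowledge) and derivable(term[2], knowledge)
    return False

# Channel assumptions: what the intruder may do on the channel A -> B.
DY           = frozenset({'read', 'write'})   # classic Dolev-Yao channel
CONFIDENTIAL = frozenset({'write'})           # intruder cannot read, may inject
AUTHENTIC    = frozenset({'read'})            # intruder may read, cannot inject
SECURE       = frozenset()                    # neither

INTRUDER_INITIAL = frozenset({'i', 'n_i'})    # constructed: own name and nonce

def explore(message, channel, intruder_init=INTRUDER_INITIAL):
    """BFS over states (a_sent, b_accepted, intruder_knowledge) for the
    protocol A -> B : message, with intruder abilities given by `channel`.
    Injection is bounded to the intruder's analysed knowledge to keep it finite."""
    start = (False, None, analyze(intruder_init))
    seen, queue = {start}, deque([start])
    while queue:
        a_sent, b_acc, know = queue.popleft()
        succ = []
        if not a_sent:                                   # A sends; intruder reads if allowed
            new_know = analyze(know | {message}) if 'read' in channel else know
            succ.append((True, b_acc, new_know))
        if a_sent and b_acc is None:                     # honest delivery to B
            succ.append((True, message, know))
        if b_acc is None and 'write' in channel:         # intruder injects a fake
            for fake in know:
                succ.append((a_sent, fake, know))
        for s in succ:
            if s not in seen:
                seen.add(s)
                queue.append(s)
    return seen

def secrecy_holds(states, secret='secret'):
    """G not knows(i, secret): the intruder never derives the secret."""
    return all(not derivable(secret, know) for _, _, know in states)

def authentication_holds(states, message):
    """G (accepted(B, m) -> sent(A, m)): B only accepts what A actually sent."""
    return all(b_acc is None or (a_sent and b_acc == message)
               for a_sent, b_acc, _ in states)

if __name__ == '__main__':
    for name, ch in [('DY', DY), ('confidential', CONFIDENTIAL),
                     ('authentic', AUTHENTIC), ('secure', SECURE)]:
        st = explore('secret', ch)
        print(f"{name:13} secrecy={secrecy_holds(st)} auth={authentication_holds(st, 'secret')}")
    enc = ('enc', 'kab', 'secret')
    print('encrypted over DY, key unknown:', secrecy_holds(explore(enc, DY)))
    print('encrypted over DY, key leaked: ',
          secrecy_holds(explore(enc, DY, frozenset({'i', 'kab'}))))
```

Running the block shows why the channel assumption matters: a plaintext secret is safe on a confidential channel but still injectable, safe from injection on an authentic channel but readable, and encryption under a key the intruder lacks keeps secrecy even on a full Dolev-Yao channel until the key leaks. The paper's set-rewriting model generalises this by letting such assumptions be stated per channel and per principal in the specification itself.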