EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Automated protocol verification in linear logic
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Analyzing the energy consumption of security protocols
Proceedings of the 2003 international symposium on Low power electronics and design
Roles in Cryptographic Protocols
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Generating Formal Cryptographic Protocol Specifications
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
The modelling and analysis of security protocols: the csp approach
The modelling and analysis of security protocols: the csp approach
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Formal verification of a type flaw attack on a security protocol using object-z
ZB'05 Proceedings of the 4th international conference on Formal Specification and Development in Z and B
Chosen-name Attacks: An Overlooked Class of Type-flaw Attacks
Electronic Notes in Theoretical Computer Science (ENTCS)
A Formal Analysis of Complex Type Flaw Attacks on Security Protocols
AMAST 2008 Proceedings of the 12th international conference on Algebraic Methodology and Software Technology
Sender access and data distribution control for inter-domain multicast groups
Computer Networks: The International Journal of Computer and Telecommunications Networking
Deciding recognizability under Dolev-Yao intruder model
ISC'10 Proceedings of the 13th international conference on Information security
Hi-index | 0.00 |
Security protocols are often specified at the application layer; however, application layer specifications give little detail regarding message data structures at the presentation layer upon which some implementation-dependent attacks rely. In this paper we present an approach to verifying security protocols in which both the application and presentation layers are modelled. Using the Group Domain of Interpretation protocol as an example, our application layer specification of the protocol is used as input to the AVISPA model checking tool for analysis. Two type flaw attacks are found via model checking which are then verified against the corresponding presentation layer specification, thus identifying the minimal requirements to prevent the attacks.