Verifying the SET registration protocols

IEEE Journal on Selected Areas in Communications

Volumn 21, Issue 1, 2003, Pages 77-87

  Bella, Giampaolo ^a,b   Massacci, Fabio ^c   Paulson, Lawrence C ^a  

^a UNIVERSITY OF CAMBRIDGE   (United Kingdom)

^b UNIVERSITY OF CATANIA   (Italy)

^c UNIVERSITY OF TRENTO   (Italy)

Author keywords

Business communication; Communication system security; Computer network security; Protocols; Software verification and validation; Theorem proving

Indexed keywords

COMPUTER NETWORKS; COMPUTER SOFTWARE SELECTION AND EVALUATION; ELECTRONIC COMMERCE; FORMAL LOGIC; PUBLIC KEY CRYPTOGRAPHY; SECURITY OF DATA; THEOREM PROVING;

BUSINESS COMMUNICATION; DIGITAL ENVELOPES; FORMAL VERIFICATION METHODS; SECURE ELECTRONIC TRANSACTION; SOFTWARE VALIDATION; SOFTWARE VERIFICATION;

NETWORK PROTOCOLS;

EID: 0037250327     PISSN: 07338716     EISSN: None     Source Type: Journal    
DOI: 10.1109/JSAC.2002.806133     Document Type: Article

References (17)

1. A. E. A. Armando, "The AVISS security protocol analysis tool," in Proc. CAV-2002, Lecture Notes Comput. Sci., 2002.
2. G. Bella, F. Massacci, and L. C. Paulson, "Verifying the SET Purchase Protocols," Computer Laboratory, Univ. Cambridge, Cambridge, U.K., 524, 2001.
3. G. Bella, F. Massacci, L. C. Paulson, and P. Tramontano, "Formal verification of cardholder registration in SET," in Proc. Computer Security-ESORICS, LNCS 1895, F. Cuppens, Y. Deswarte, D. Gollman, and M. Waidner, Eds., 2000, pp. 159-174.
4. G. Bella and L. C. Paulson, "Kerberos version IV: Inductive analysis of the secrecy goals," in Proc. Computer Security-ESORICS 98, LNCS 1485, J.-J. Quisquater, Y. Deswarte, C. Meadows, and D. Gollmann, Eds., 1998, pp. 361-375.
5. J. Clark and J. Jacob. (1997) A Survey of Authentication Protocol Literature: Version 1.0. Tech. Rep., Univ. York, Dept. Comput. Sci. [Online]. Available: http://www.-users.cs.york.ac.uk/~jac/
6. E. Cohen, "TAPS: A first-order verifier for cryptographic protocols," in Proc. 13th IEEE Computer Security Found. Workshop, 2000, pp. 144-158.
7. L. Gong and P. Syverson, "Fail-stop protocols: An approach to designing secure protocols," presented at the 5th IFIP Working Conf. Dependable Computing Critical Applications, Sept. 1995.
8. J. Guttman, "Security goals: Packet trajectories and strand spaces," in Foundations of Security Analysis and Design-Tutorial Lectures, R. Focardi and F. Gorrieri, Eds. New York: Springer-Verlag, 2001, vol. 2171, Lecture Notes in Comp. Sci., pp. 197-261.
9. G. Lowe, "A hierarchy of authentication specifications," in Proc. 10th IEEE Computer Security Found. Workshop, 1997, pp. 31-43.
10. ____, "Casper: A compiler for the analysis of security protocols," J. Comput. Sec., vol. 6, pp. 53-84, 1998.
11. (1997) SET Secure Electronic Transaction Specification: Business Description. Mastercard and VISA. [Online]. Available: http://www.setco.org.set_specifications.html
12. (1997) SET Secure Electronic Transaction Specification: Programmer's Guide. Mastercard & VISA. [Online]. Available: http://www.setco.org/set_specifications.html
13. T. Nipkow, L. C. Paulson, and M. Wenzel, "Isabelle/HOL: A Proof Assistant for Higher-Order Logic," in LNCS Tutorial 2283. New York: Springer-Verlag, 2002.
14. C. Meadows, "Analysis of the Internet key exchange protocol using the NRL protocol analyzer," in Proc. SSP, 1999, pp. 216-231.
15. L. C. Paulson, "The inductive approach to verifying cryptographic protocols," J. Comput. Sec., vol. 6, pp. 85-128, 1998
16. ____, "Relations between secrets: Two formal analyses of the Yahalom protocol," J. Comput. Sec., vol. 3, pp. 197-216, 2001.
17. P. Ryan and S. Schneider, "An attack on a recurive authentication protocol. A cautionary tale," Inform. Processing Lett., vol. 65, no. 15, pp. 7-16, 1998.