Formal analysis of modern security protocols

Information Sciences

Volumn 171, Issue 1-3, 2005, Pages 189-211

  Yasinsac, Alec ^a   Childs, Justin ^a  

^a Florida State University   (United States)

Author keywords

Cryptographic protocols; Formal methods; Network security; Weakest preconditions

Indexed keywords

CRYPTOGRAPHY; ELECTRONIC COMMERCE; MOBILE TELECOMMUNICATION SYSTEMS; NETWORK PROTOCOLS; WIRELESS TELECOMMUNICATION SYSTEMS;

CRYPTOGRAPHIC PROTOCOLS; FORMAL METHODS; NETWORK SECURITY; WEAKEST PRECONDITIONS;

SECURITY OF DATA;

EID: 13544276811     PISSN: 00200255     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.ins.2004.03.021     Document Type: Article

References (23)

1. Abadi M., Needham R. Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering. 22(1):1996;6-15
2. M. Burrows, M. Abadi, R. Needham, A logic of authentication, Research Report 39, Digital Systems Research Center, February 1989
3. S. Brackin, Automatically detecting most vulnerabilities in cryptographic protocols, in: DARPA Info Survivability Conf and Expo, January 2000, vol. 1, pp. 222-236
4. J. Childs, A. Yasinsac, Using weakest preconditions to evaluate the transport layer security protocol, in: Proceedings of the Sixth IEEE International Symposium on High Assurance Systems Engineering, October 2001, pp. 149-159
5. J. Clark, J. Jacob. A survey of authentication protocol literature: Version 1.0. A continually updated library of protocols analyzed in the literature. Available from
6. G. Denker, J. Meseguer, C. Talcott, Protocol specification and analysis in maude, in: Formal Methods and Security Protocols, 1998, LICS '98 Workshop
7. T. Dierks, C. Allen, The TLS protocol: Version 1.0. Request for Comments: 2246. Available from
8. Dijkstra E.W. A Discipline of Programming. Prentice-Hall Series in Automatic Computation. 1976;Prentice-Hall, Englewood Cliffs, NJ
9. Kelsey J., Schneier B., Wagner D. Protocol interactions and the chosen protocol attack. Lecture Notes in Computer Science. vol. 1361:1998;91-104 Springer Verlag, Heidelberg, Berlin
10. C. Meadows, Analysis of the Internet key exchange protocol using the NRL protocol analyzer, IEEE Symposium on Security and Privacy, 1999
11. J.C. Mitchell, V. Shmatikov, U. Stern, Finite-state analysis of SSL 3.0 and related protocols, in: Workshop on Design and Formal Verification of Security Protocols, September 1997, DIMACS
12. Needham R.M., Schroeder M.D. Using encryption for authentication in large networks of computers. Communications of the ACM. 21(12):1978;993-999
13. L.C. Paulson, Inductive analysis of the Internet protocol TLS, Technical Report 440, Cambridge University Computer Science Laboratory, 1998
14. Dawn Xiaodong Song, Athena: a new efficient automatic checker for security protocol analysis, in: 12th IEEE Computer Security Foundations Workshop, Mordano, Italy, June 28-30, 1999
15. Syverson P.F. A taxonomy of replay attacks. Proceedings of the Computer Security Foundations Workshop VII. 1994;IEEE CS Press, Los Alamitos
16. P. Syverson, P.C. van Oorshot, On unifying some cryptographic protocol logics, in: Proceedings of the 1994 IEEE Computer Society Symposium on Security and Privacy, May 16-18, 1994
17. D. Wagner, B. Schneier, Analysis of the SSL 3.0 Protocol, in: D. Tygar (Ed.), USENIX Workshop on Electronic Commerce, USENIX, 1996, pp. 29-40
18. Yasinsac A., Wulf Wm.A. A framework for a cryptographic protocol evaluation workbench. The International Journal of Reliability, Quality and Safety Engineering (IJRQSE). 8(4):2001;373-389
19. J.G. Steiner, B.C. Neuman, J.I. Schiller, Kerberos: an authentication service for open network systems, in: USENIX Conference Proceedings, February 1988, pp. 183-190
20. Denning D.E., Sacco G.M. Timestamps in key distribution protocols. Communications of the ACM. 24(8):1981;533-536
21. Bird R., Gopal I., Herzberg A., Janson P., Kutten S., Molva R., Yung M. Systematic design of two-party authentication protocols. Fegenbaum J. Advances in Cryptography - CRYPTO '91. Lecture Notes in Computer Science. vol. 576:1992;Springer Verlag, Berlin
22. J. Childs, Evaluating the TLS family of protocols with weakest precondition reasoning, Masters Thesis, Florida State University, Department of Computer Science
23. U. Carlsen, Generating formal cryptographic protocol specifications, in: IEEE Computer Society Symposium on Research in Security and Privacy, May 16-18, 1994, pp. 138-146