Pattern-based abstraction for verifying secrecy in protocols

International Journal on Software Tools for Technology Transfer

Volumn 8, Issue 1, 2006, Pages 57-76

  Bozga, L ^a   Lakhnech, Yassine ^a   Perin M ^a  

^a VERIMAG   (France)

Author keywords

Abstract interpretation; Cryptographic protocols; Security; Verification; Widening

Indexed keywords

EID: 31744452239     PISSN: 14332779     EISSN: None     Source Type: Journal    
DOI: 10.1007/s10009-005-0189-6     Document Type: Article

References (37)

1. Abadi M (1997) Secrecy by typing in security protocols. In: Theoretical aspects of computer software. Lecture notes in computer science, vol 1281. Springer, Berlin Heidelberg New York, pp 611-638
2. Abadi M, Blanchet B (2001) Secrecy types for asymmetric communication. In: Foundations of software science and computation structures. Lecture notes in computer science, vol 2030. Springer, Berlin Heidelberg New York, pp 25-41
3. Abadi M, Blanchet B (2002) Analyzing security protocols with secrecy types and logic programs. In: ACM symposium on principles of programming languages, pp 33-44
4. Amadio RM, Charatonik W (2002) On name generation and set-based analysis in the Dolev-Yao model. In: CONCUR: 13th international conference on concurrency theory. Lecture notes in computer science, vol 2421. Springer, Berlin Heidelberg New York
5. Amadio RM, Lugiez D (2000) On the reachability problem in cryptographic protocols. In: International conference on concurrency theory. Lecture notes in computer science, vol 1877. Springer, Berlin Heidelberg New York, pp 380-394
6. Baader F, Nipkow T (1998) Term rewriting and all that. Cambridge University Press, Cambridge, UK
7. Blanchet B (2001) Abstracting cryptographic protocols by prolog rules. In: International Symposium on static analysis. Lecture notes in computer science, vol 2126. Springer, Berlin Heidelberg New York, pp 433-436
8. Bolignano D (1996) An approach to the formal verification of cryptographic protocols. In: ACM conference on computer and communications security, pp 106-118
9. Bolignano D (1998) Integrating proof-based and model-checking techniques for the formal verification of cryptographic protocols. In: International conference on computer-aided verification. Lecture notes in computer science, vol 1427. Springer, Berlin Heidelberg New York, pp 77-87
10. Bozga L, Ene C, Lakhnech Y (2004) On the existence of an effective and complete proof system for bounded security protocols. In: FOSSACS. Lecture notes in computer science, vol 2987. Springer, Berlin Heidelberg New York
11. Bozga L, Ene C, Lakhnech Y (2004) A symbolic decision procedure for bounded security protocols with time stamps. Technical report, Verimag, Gières, France
12. Clark JA, Jacob JL (1997) A survey of authentication protocol literature. Version 1.0, University of York, Department of Computer Science, November 1997
13. Clarke EM, Jha S, Marrero W (1998) Using state space exploration and a natural deduction style message derivation engine to verify security protocols. In: IFIP working conference on programming concepts and methods
14. Comon H, Cortier V, Mitchell J (2001) Tree automata with one memory, set constraints, and ping-pong protocols. In: International colloquium on automata, languages and programming. Lecture notes in computer science, vol 2076. Springer, Berlin Heidelberg New York
15. Comon H, Shmatikov V (2002) Is it possible to decide whether a cryptographic protocol is secure or not? J Telecommun Inf Technol 4:5-15
16. Comon-Lundh H, Cortier V (2004) Security properties: Two agents are sufficient. Sci Comput Programm 50(1-3):51-71
17. Cortier V, Millen J, Rue H (2001) Proving secrecy is easy enough. In: IEEE workshop on computer security foundations, pp 97-110
18. Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198-208
19. Durgin N, Lincoln P, Mitchell J, Scedrov A (1999) Undecidability of bounded security protocols. In: Workshop on formal methods and security protocols
20. Even S, Goldreich O (1983) On the security of multi-party ping pong protocols. Technical report, Israel Institute of Technology
21. Fábrega FJT, Herzog JC, Guttman JD (1998) Strand spaces: Why is a security protocol correct? In: IEEE conference on security and privacy, pp 160-171
22. Genet T, Klay F (2000) Rewriting for cryptographic protocol verification. In: International conference on automated deduction. Lecture notes in computer science, vol 1831. Springer, Berlin Heidelberg New York
23. Gordon A, Jeffrey A (2001) Authenticity by typing for security protocols. In: IEEE workshop on computer security foundations, pp 145-159
24. Goubault-Larrecq J (2000) A method for automatic cryptographic protocol verification. In: International workshop on formal methods for parallel programming: Theory and applications. Lecture notes in computer science, vol 1800. Springer, Berlin Heidelberg New York
25. El Khadi N (2001) Automatic verification of confidentiality properties of cryptographic program. Netw Inf Syst J 6:4-15
26. Lowe G (1995) An attack on the Needham-Schroeder public-key authentification protocol. Inf Process Lett 56(3):131-133
27. Lowe G (1996) Breaking and fixing the Needham-Schroeder Public-Key protocol using FDR. In: Tools and algorithms for the construction and analysis of systems. Lecture notes in computer science, vol 1055. Springer, Berlin Heidelberg New York, pp 147-166
28. Lowe G (1997) Casper: A compiler for the analysis of security protocols. In: 10th IEEE workshop on computer security foundations (CSFW '97), Washington Brussels Tokyo, June 1997, pp 18-30
29. Meadows C (2000) Invariant generation techniques in cryptographic protocol analysis. In: Workshop on computer security foundations
30. Millen J, Shmatikov V (2001) Constraint solving for bounded-process cryptographic protocol analysis. In: ACM conference on computer and communications security, pp 166-175
31. Mitchell JC, Mitchell M, Stern U (1997) Automated analysis of cryptographic protocols using mur. In: Conference on security and privacy, pp 141-153
32. Monniaux D (1999) Abstracting cryptographic protocols with tree automata. In: Symposium on static analysis. Lecture notes in computer science, vol 1694. Springer, Berlin Heidelberg New York, pp 149-163
33. Needham RM, Schroeder MD (1978) Using encryption for authentication in large networks of computers. Commun ACM 21(12):993-999
34. Paulson L (1997) Proving properties of security protocols by induction. In: IEEE workshop on computer security foundations, pp 70-83
35. Rusinowitch M, Turuani M (2001) Protocol insecurity with finite number of sessions is NP-complete. In: IEEE workshop on computer security foundations
36. Thayer J, Herzog J, Guttman J (1998) Honest ideals on strand spaces. In: IEEE workshop on computer security foundations, pp 66-78
37. Weidenbach C (1999) Towards an automatic analysis of security protocols in first-order logic. In: International conference on automated deduction. Lecture notes in computer science, vol 1632. Springer, Berlin Heidelberg New York, pp 314-328