Approaches and technologies for formal verification of security protocols

Jisuanji Xuebao/Chinese Journal of Computers

Volumn 29, Issue 1, 2006, Pages 1-20

  Xue, Rui ^a   Feng, Deng Guo ^a  

^a INSTITUTE OF SOFTWARE   (China)

Author keywords

Cryptographic reliability; Dolev Yao model; Formal analysis; Secure protocol; Security goal

Indexed keywords

MATHEMATICAL MODELS; RELIABILITY; SECURITY SYSTEMS;

CRYPTOGRAPHIC RELIABILITY; DOLEV YAO MODEL; FORMAL ANALYSIS; SECURE PROTOCOL; SECURITY GOAL;

NETWORK PROTOCOLS;

EID: 33644948261     PISSN: 02544164     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Review

References (72)

1. Menezes A., van Oorschot P., Vanstone S.. Handbook of Applied Cryptography. New York: CRC Press, 1996
2. Needham R. M., Schroeder M. D.. Using encryption for authentication in large networks of computers. Communications of the ACM, 1978, 21(12): 993-999
3. Dolev D., Yao A. C.. On the security of public key protocols. In: Proceedings of the IEEE 22nd Annual Symposium on Foundations of Computer Science, Nashville, TN, 1981, 350-357
4. Dolev D., Even S., Karp R.. On the security of ping-pong protocols. Information and Control, 1982, 55(1): 57-68
5. Even S., Goldreich O.. On the security of multi-party ping-pong protocols. In: Proceedings of the 24th IEEE Symposium on the Foundations of Computer Science, Los Alamitos, 1983, 34-39
6. Millen J. K., Clark S. C., Freedman S. B.. The Interrogator: Protocol security analysis. IEEE Transactions on Software Engineering, 1987, SE-13(2): 274-288
7. Kemmerer R. A.. Analyzing encryption protocols using formal verification techniques. IEEE Journal of Selected Areas in Communications, 1989, 7(4): 448-457
8. Kemmerer R. A.. Analyzing encryption protocols using formal verification techniques. In: Carl Pomerance ed.. Advances in Cryptology-CRYPTO'87. Lecture Notes in Computer Science 293. Springer-Verlag, 1988, 289-305
9. Burrows M., Abadi M., Needham R.. A logic of authentication. ACM Transactions in Computer Systems, 1990, 8(1): 18-36
10. Vardi M. Y.. Why is modal logic so robustly decidable? In: Immerman N., Kolaitis Ph. G. eds.. Descriptive Complexity and Finite Models, DIMACS Series in Discrete Mathematics and Theoretical Computer Science. New York: AMS, 1997, 149-184
11. Lowe G.. Breaking and fixing the Needham-Schroeder public key protocol using FDR. In: Proceedings of TACAS. Lecture Notes in Computer Science 1055. Passau, Germany: Springer-Verlag, 1996, 147-166
12. Abadi M.. Secrecy by typing in security protocols. Journal of the ACM, 1999, 46(5): 749-786
13. Gordon A., Jeffrey A.. Authenticity by typing in security protocols. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop, Nova Scotia, Canada, 2001, 145-159
14. Abadi M., Gordon A. D.. A calculus for cryptographic protocols: The Spi calculus. Information and Computation, 1999, 148(1): 1-70
15. Paulson L. C.. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 1998, 6(1): 85-128
16. Song Dawn Xiaodong, Berezin Sergey, Perrig Adrian. Athena: A novel approach to efficient automatic security protocol analysis. Journal of Computer Security, 2001, 9(1/2): 47-74
17. Bellare M., Rogaway P.. Entity authentication and key distribution. In: Proceedings of CRYPTO'93, California, USA, 1994, 232-249
18. Koblitz N., Menezes A.. Another look at provable security. University of Waterloo, Waterloo, Canada: Technical Report CORR 2004-20, 2004
19. Bellare M., Canetti R., Krawczyk H.. A modular approach to the design and analysis of authentication and key exchange protocols. In: Proceedings of the 30th Annual Symposium on the Theory of Computing, ACM, Dallas, TX, 1998, 419-428
20. Canetti R., Krawczyk H.. Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann ed. Proceedings of Eurocrypt'01. Lecture Notes in Computer Science 2045. Springer-Verlag, 2001, 453-474
21. Abadi M., Rogaway P.. Reconciling two views of cryptography: The computational soundness of formal encryption. In: Proceedings of the 1st IFIP International Conference on Theoretical Computer Science. Lecture Notes in Computer Science 1872. Springer, 2000, 3-22
22. Micciancio D., Warinschi B.. Completeness theorems for the Abadi-Rogaway logic of encrypted expressions. Journal of Computer Security, 2004, 12(1): 99-129
23. Gligor V., Horvitz D. O.. Weak key authenticity and the computational completeness of formal encryption. In: Boneh D. ed.. Proceedings of CRYPTO 2003. Lecture Notes in Computer Science 2729. Springer-Verlag, 2003, 530-547
24. Micciancio D., Warinschi B., Soundness of formal encryption in the presence of active adversaries. In: Proceedings of the Theory of Cryptography Conference (TCC), Cambridge, Massachusetts, 2004, 133-151
25. Impagliazzo R., Kapron B.. Logics for reasoning about cryptographic constructions. In: Proceedings of STOC'03, San Diego, California, 2003, 372-383
26. Backes M., Pfitzmann B., Waidner M.. A universally composable cryptographic library. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington, DC, 2003, 220-230
27. Maneki A. P.. Honest functions and their application to the analysis of cryptographic protocols. In: Proceedings of the 12th IEEE Computer Security Foundations Workshop (CSFW 1999), Mordano, Italy, 1999, 83-89
28. Mitchell J., Ramanathan A., Scedrov A., Teague V.. A probabilistic polynomial-time calculus for analysis of cryptographic protocols (Preliminary report). In: Proceedings of the 17th Annual Conference on the Mathematical Foundations of Programming Semantics, Arhus, Denmark, 2001, 45
29. Comon H., Shmatikov V.. Is it possible to decide whether a cryptographic protocol is secure or not?. Journal of Telecommunications and Information Technology, Special Issue on Cryptographic Protocol Verification (Goubault-Larrecq J. ed.), 2002, 4(1): 5-15
30. Hoare C. A. R.. Communicating Sequential Processes. London: Prentice-Hall International, 1985
31. Roscoe A. W.. Model-checking CSP. In: Roscoe A. W. ed.. A Classical Mind: Essays in Honor of C. A. R. Hoare. Prentice-Hall, 1994
32. Roscoe A. W.. Modelling and verifying key-exchange protocols using CSP and FDR. In: Proceedings of the 8th IEEE Computer Security Foundations Workshop, County Kerry, Ireland, 1995, 98-107
33. Schneier B.. Applied Cryptography: Protocols, Algorithms, and Source Code in C. 2nd Edition. New York: John Wiley and Sons, 1996
34. Cervesato I., Durgin N., Lincoln P., Mitchell J., Scedrov A.. A metanotation for protocol analysis. In: Proceedings of the 12th IEEE Computer Security Foundations Workshop, Mordano, Italy, 1999, 55-69
35. Cervesato I., Durgin N., Lincoln P. D., Mitchell J. C., Scedrov A.. Relating strands and multiset rewriting for security protocol analysis. In: Proceedings of the 13th IEEE Computer Security Foundations Workshop, Cambridge, England, 2000, 35-51
36. Fabrega F. J. T., Hertzog J., Guttman J.. Strand spaces: Proving security protocols correct. Journal of Computer Security, 1999, 7(2/3): 191-230
37. Milner R.. Functions as processes. Mathematical Structures in Computer Science, 1992, 2(2): 119-141
38. Lincoln P. D., Mitchell J. C., Mitchell M., Scedrov A.. A probabilistic poly-time framework for protocol analysis. In: Proceedings of Computer and Communications Security-CCS'98, San Francisco, California, USA, 1998, 112-121
39. Lincoln P., Mitchell J., Mitchell M., Scedrov A.. Probabilistic polynomial-time equivalence and security analysis. In: Wing J., Woodcock J., Davies J. eds.. Proceedings of FM'99-Formal Methods. Lecture Notes in Computer Science 1709. Springer-Verlag, 1999, 776-793
40. Pfitzmann B., Waidner M.. Composition and integrity preservation of secure reactive systems. In: Proceedings of the 7th ACM Conference on Computer and Communications Security, Athens, Greece, 2000, 245-254
41. Pfitzmann B., Waidner M.. A model for asynchronous reactive systems and its application to secure message transmission. In: Proceedings of the 22nd IEEE Symposium on Security and Privacy, Oakland, California, 2001, 184-200
42. Canetti R.. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 2000, 3(1): 143-202
43. Meadows C.. The NRL protocol analyzer: An overview. Journal of Logic Programming, 1996, 26(2): 113-131
44. Canetti R.. Universally composable security: A new paradigm for cryptographic protocols. In: Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science (FOCS), 2001, 136-145
45. Milner R.. A calculus of communication systems. Lecture Notes in Computer Science 92. New York: Springer-Verlag, 1980
46. Gong L., Needham R., Yahalom R.. Reasoning about belief in cryptographic protocols. In: Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, LosAlamitos, California, 1990, 234-248
47. Abadi M., Tuttle M. R.. A Semantics for a logic of authentication. In: Proceedings of the 10th Annual ACM Symposium on Principles of Distributed Computing, Montreal, Quebec, Canada, 1991, 201-216
48. Syverson P. F., van Oorschot P. C.. On unifying some cryptographic protocol logics. In: Proceedings of the 1994 IEEE Computer Society Symposium on Research in Security and Privacy, Washington, DC, 1994, 14-28
49. Kailar R.. Accountability in electronic commerce protocols. IEEE Transactions on Software Engineering, 1996, 22(5): 313-328
50. Coffey T., Saidha P.. Logic for verifying public key cryptographic protocols. IEE Journal of Computers and Digital Techniques, 1997, 144(1): 28-32
51. Kailar R., Gligor V. D., Gong L.. On the security effectiveness of cryptographic protocols. In; Proceedings of the 4th International Working Conference on Dependable Computing for Critical Applications, San Diego, California, 1994, 139-157
52. Rubin A. D., Honeyman P.. Nonmonotonic cryptographic protocols. In: Proceedings of IEEE Computer Security Foundations Workshop VII, New Hampshire, 1994, 100-116
53. Brackin S. H.. A HOL extension of GNY for automatically analyzing cryptographic protocols. In: Proceedings of Computer Security Foundations Workshop, 1996
54. Moser L.. A logic of knowledge and belief for reasoning about computer security. In: Proceedings of the Computer Security Foundations Workshop II, Washington, DC, 1989, 57-63
55. Bieber P.. A logic of communication in a hostile environment. In: Proceedings of the Computer Security Foundations Workshop III, Los Alamitos, California, 1990, 14-22
56. Kessler V., Wedel G.. AUTLOG: An advanced logic of authentication. In: Proceedings of the Computer Security Foundations Workshop VII, New Hampshire, 1994, 90-99
57. Woo T., Lam S.. A semantic model for authentication protocols. In: Proceedings of the 1993 Symposium on Research in Security and Privacy, Oakland, California, 1993, 178-194
58. Xue R., Feng D.. A new semantic model for authentication protocols in ASMs. Journal of Computer Science and Technology, 2004, 19(4): 555-563
59. Merritt M. J.. Cryptographic protocols [Ph. D. dissertation]. Georgia Institute of Technology, Atlanta, USA, 1983
60. Toussaint M.. Verification of cryptographic protocols [Ph. D. dissertation]. Universite deLiege, Belgium, 1991
61. Ryan P., Schneider S.. Modelling and Analysis of Security Protocols. Harlow, England: Addison-Wesley, 2001
62. Milner R., Parrow J., Walker D.. A calculus of mobile processes, Part I and II. Information and Computation, 1992, 100(1): 1-40, 100(1): 41-77
63. Stubblebine S., Gligor V.. On message integrity in cryptographic protocols. In: Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, 1992, 85-104
64. van Oorschot P.. Extending cryptographic logics of belief to key agreement protocols (extended abstract). In: Proceedings of the 1st ACM Conference on Computer and Communications Security, ACM, Fairfax, Virginia, 1993, 232-243
65. Syverson P., van Oorschot P.. On unifying some cryptographic protocol logics. In: Proceedings of the 1994 IEEE Computer Society Symposium on Research in Security and Privacy, Washington, DC, 1994, 14-28
66. Pavlovic D., Smith D. R.. Guarded transitions in evolving specifications. In: Helene Kirchner, Christophe Ringeissen eds.. Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology Source. Lecture Notes In Computer Science 2422. London, UK: Springer-Verlag, 2002, 411-425
67. Abadi M., Rogaway P.. Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology, 2002, 5(2): 103-127
68. Canetti R., Fischlin M.. Universally composable commitments. In: Joe Kilian ed.. Advances in Cryptology-Proceedings of CRYPTO 2001. Lecture Notes in Computer Science 2139. Springer-Verlag, 2001, 19-40
69. Damgard I., Nielsen J. B.. Perfect hiding and perfect binding universally composable commitment schemes with constant expansion factor. In: Moli Yung eds.. Advances in Cryptology-Proceedings of CRYPTO 2002. Lecture Notes in Computer Science 2442. Springer-Verlag, 2002, 581-596
70. Canetti R., Lindell Y., Ostrovsky R., Sahai A.. Universally composable two-party and multi-party secure computation. In: Proceedings of the 34th Annual ACM Symposium on Theory of Computing, Montreal, Quebec, Canada, 2002, 494-503
71. Pereira O., Quisquater J.. A security analysis of the cliques protocols suites. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, 2001, 73-81
72. Pereira O., Quisquater J.. Generic insecurity of cliques-type authenticated group key agreement protocols. In: Proceedings of the 17th IEEE Computer Security Foundations Workshop, Pacific Grove, CA, USA, 2004, 16-29