Symbolic and cryptographic analysis of the secure WS-ReliableMessaging Scenario

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 3921 LNCS, Issue , 2006, Pages 428-445

  Backes, Michael ^a   Mödersheim, Sebastian ^b   Pfitzmann, Birgit ^a   Viganò, Luca ^b  

^a IBM RESEARCH ZURICH   (Switzerland)

^b ETH ZURICH   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

CODES (SYMBOLS); QUALITY OF SERVICE; SECURITY SYSTEMS; SEMANTICS; STANDARDS; XML;

INDUSTRY STANDARDS; QUALITY-OF-SERVICE STANDARDS; SECURITY STANDARDS; XML-BASED COMMUNICATION;

CRYPTOGRAPHY;

EID: 33745824225     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11690634_29     Document Type: Conference Paper

References (43)

1. M. Abadi and P. Rogaway. Reconciling two views of cryptography: The computational soundness of formal encryption. In Proc. 1st IFIP TCS, LNCS 1872, pp. 3-22. Springer, 2000.
2. A. Armando, D. Basin, Y. Boichut, Y. Chevalier, L. Compagna, J. Cuellar, P. Hankes Drielsma, P.-C. Heám, O. Kouchnarenko, J. Mantovani, S. Mödersheim, D. von Oheimb, M. Rusinowitch, J. Santiago, M. Turuani, L. Viganò, and L. Vigneron. The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In Proc. CAV2005, LNCS 3576, pp. 281-285. Springer, 2005.
3. M. Backes, S. Mödersheim, B. Pfitzmann, and L. Viganò. Symbolic and Cryptographic Analysis of the Secure WS-ReliableMessaging Scenario (Extended Version). Technical Report 502, Department of Computer Science, ETH Zurich, 2006. Available at www.infsec.ethz.ch.
4. M. Backes and B. Pfitzmann. Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In Proc. 17th IEEE CSFW, 2004.
5. M. Backes, B. Pfitzmann, and M. Waidner. A composable cryptographic library with nested operations (extended abstract). In Proc. 10th ACM CCS, pp. 220-230, 2003. Full version in IACR Cryptology ePrint Archive 2003/015, Jan. 2003, http://eprint.iacr.org/.
6. M. Backes, B. Pfitzmann, and M. Waidner. Symmetric authentication within a simulatable cryptographic library. In Proc. 8th ESORICS, LNCS 2808, pp. 271-290. Springer, 2003.
7. M. Backes, B. Pfitzmann, and M. Waidner. A general composition theorem for secure reactive systems. In Proc. 1st TCC, LNCS 2951, pp. 336-354. Springer, 2004.
8. D. Basin, S. Mödersheim, and L. Viganò. OFMC: A Symbolic Model-Checker for Security Protocols. International Journal of Information Security, 4(3): 181-208, 2005.
9. G. Bella, F. Massacci, and L. C. Paulson. Verifying the SET Purchase Protocols. Journal of Automated Reasoning, to appear.
10. M. Bellare and C. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In Proc. ASIACRYPT 2000, LNCS 1976, pp. 531-545. Springer, 2000.
11. M. Bellare and P. Rogaway. Encode-then-encipher encryption: How to exploit nonces or redundancy in plaintexts for efficient constructions. In Proc. ASIA-CRYPT 2000, LNCS 1976, pp. 317-330. Springer, 2000.
12. K. Bhargavan, R. Corin, C. Fournet, and A. Gordon. Secure sessions for web services. In Proc. ACM Workshop on Secure Web Services (SWS), 2004.
13. K. Bhargavan, C. Fournet, and A. Gordon. A semantics for web service authentication. In Proc. 31st POPL, pp. 198-209. ACM Press, 2004.
14. K. Bhargavan, C. Fournet, and A. Gordon. Verifying policy-based security for web services. In Proc. 11th ACM CCS, pp. 268-277, 2004.
15. K. Bhargavan, C. Fournet, A. Gordon, and R. Pucella. TulaFale: A security tool for web servies. In Proc. 2nd FMCO, LNCS 3188, pp. 197-222. Springer, 2004.
16. B. Blanchet. An efficient cryptographic protocol verifier based on Prolog rules. In Proc. 14th IEEE CSFW, pp. 82-96, 2001.
17. C. Bodei, M. Buchholtz, P. Degano, F. Nielson, and H. Riis Nielson. Static validation of security protocols. Journal of Computer Security, 13(3):347-390, 2005.
18. D. Box, F. Curbera et al. Web Services Addressing (WS-Addressing), Aug. 2004.
19. D. Box, D. Ehnebuske, G. Kakivaya, A. Layman, N. Mendelsohn, H. F. Nielsen, S. Thatte, and D. Winer. Simple object access protocol (SOAP) 1.1, May 2000.
20. R. Canetti and J. Herzog. Universally composable symbolic analysis of cryptographic protocols (the case of encryption-based mutual authentication and key exchange). Cryptology ePrint Archive, Report 2004/334, 2004.
21. Y. Chevalier, L. Compagna, J. Cuellar, P. Hankes Drielsma, J. Mantovani, S. Mödersheim, and L. Vigneron. A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols. In Proc. Workshop on Specification and Automated Processing of Security Requirements (SAPS'04), pp. 193-205. Austrian Computer Society, 2004.
22. J. Clark and J. Jacob. A Survey of Authentication Protocol Literature: Version 1.0, 17. Nov. 1997.
23. H. Comon-Lundh and V. Cortier. Security properties: two agents are sufficient. In Proc. 12th ESOP, LNCS 2618, pp. 99-113. Springer, 2003.
24. D. Davis, C. Ferris, V. Gajjala, K. Gavrylyuk, M. Gudgin, C. Kaler, D. Langworthy, M. Moroney, A. Nadalin, J. Roots, T. Storey, T. Vishwanath, and D. Walter. Secure WS-ReliableMessaging scenarios, Apr. 2005. ftp://www6.software.ibm.com/software/developer/library/ws-rmseconscenario.doc.
25. D. Dolev and A. C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, 29(2):198-208, 1983.
26. B. Donovan, P. Norris, and G. Lowe. Analyzing a library of security protocols using Casper and FDR. In Proc. Workshop on Formal Methods and Security Protocols (FMSP'99), 1999.
27. D. F. Ferguson, T. Storey, B. Lovering, and J. Shewchuk. Secure, reliable, transacted Web Services - architecture and composition, Oct. 2003. Available at http://www-106.ibm.com/developerworks/webservices/librsury/ws-securtrans/.
28. C. Ferris, D. Langworthy et al. Web Services Reliable Messaging Protocol (WS-ReliableMessaging), Feb. 2005.
29. A. Gordon and R. Pucella. Validating a web service security abstraction by typing. In Proc. 1st ACM Workshop on XML Security, pp. 18-29, 2002
30. A. Gotsman, F. Massacci, and M. Pistore. Towards an Independent Semantics and Verification Technology for the HLPSL Specification Language. Electronic Notes in Theoretical Computer Science 135(1):59-77, 2005.
31. T. Groß, B. Pfitzmann, and A.-R. Sadeghi. Proving a WS-Federation Passive Requestor Profile with a Browser Model. In Proc. ACM Workshop on Secure Web Services (SWS), pp. 54-64. ACM Press, 2005.
32. M. Gudgin, A. Nadalin et al. Web Services Secure Conversation Language (WS-SecureConversation), Feb. 2005.
33. M. Gudgin, A. Nadalin et al. Web Services Trust Language (WS-Trust), Feb. 2005.
34. M. Hur, R. D. Johnson, A. Medvinsky, Y. Rouskov, J. Spellman, S. Weeden, and A. Nadalin. Passive Requestor Federation Interop Scenario, Version 0.4, Feb. 2004. ftp://www6.software.ibm.com/software/developer/library/ws-fpscenario2.doc.
35. F. Jacquemard, M. Rusinowitch, and L. Vigneron. Compiling and verifying security protocols. In Proc. LPAR 2000, LNCS 1955, pp. 131-160. Springer, 2000.
36. C. Kaler et al. Web Services Security (WS-Security), version 1.0, Apr. 2002.
37. E. Kleiner and A. Roscoe. On the relationship of traditional and Web Services Security protocols. In Proceedings of the XXI Mathematical Foundations of Programming Semantics (MFPS'05). Electronic Notes in Theoretical Computer Science, to appear.
38. P. Laud. Symmetric encryption in automatic analyses for confidentiality against active adversaries. In Proc. 25th IEEE Symposium on Security & Privacy, pp. 71-85, 2004.
39. G. Lowe. A hierarchy of authentication specifications. In Proc. 10th IEEE CSFW, pp. 31-43, 1997.
40. D. Micciancio and B. Warinschi. Soundness of formal encryption in the presence of active adversaries. In Proc. 1st TCC, LNCS 2951, pp. 133-151. Springer, 2004.
41. D. Song, S. Berezin, and A. Perrig. Athena: a novel approach to efficient automatic security protocol analysis. Journal of Computer Security, 9:47-74, 2001.
42. M. Turuani. Sécurité des Protocoles Cryptographiques: Décidabilité et Complexité. Phd, Université Henri Poincaré, Nancy, December 2003.
43. L. Viganò. Automated Security Protocol Analysis with the AVISPA Tool. In Proceedings of the XXI Mathematical Foundations of Programming Semantics (MFPS'05). Electronic Notes in Theoretical Computer Science, to appear.