Formal analysis of PIN block attacks

Theoretical Computer Science

Volumn 367, Issue 1-2, 2006, Pages 257-270

  Steel, Graham ^a  

^a UNIVERSITY OF EDINBURGH   (United Kingdom)

Author keywords

Constraint logic programming; PIN blocks; Probabilistic model checking; Security API analysis

Indexed keywords

CRYPTOGRAPHY; ENCODING (SYMBOLS); INTERFACES (COMPUTER); LOGIC PROGRAMMING; PROBABILISTIC LOGICS; SECURITY SYSTEMS;

CONSTRAINT LOGIC PROGRAMMING; PIN BLOCKS; PROBABILISTIC MODEL CHECKING; SECURITY API ANALYSIS;

IDENTIFICATION (CONTROL SYSTEMS);

EID: 33750486826     PISSN: 03043975     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.tcs.2006.08.042     Document Type: Article

References (14)

1. M. Bond, R. Anderson, API level attacks on embedded systems, IEEE Comput. Mag. (2001) 67-75.
2. M. Bond, P. Zieliński, Decimalisation table attacks for PIN cracking, Technical Report UCAM-CL-TR-560, University of Cambridge, January 2003.
3. M. Carlsson, G. Ottosson, B. Carlson, An open-ended finite domain constraint solver, in: Proc. Programming Languages: Implementations, Logics, and Programs, Southampton, UK, September 1997, pp. 191-206.
4. J. Clulow, The design and analysis of cryptographic APIs for security devices, Master's Thesis, University of Natal, Durban, 2003.
5. P. Drielsma, S. Mödersheim, L. Viganò, A formalization of off-line guessing for security protocol analysis, in: F. Baader, A. Voronkov (Eds.), LPAR, Lecture Notes in Artificial Intelligence, Vol. 3452, ETH Zürich, Computer Science, Springer, Berlin, 2005, pp. 363-379.
6. Ganapathy V., Seshia S.A., Jha S., Reps T.W., and Bryant R.E. Automatic discovery of API-level exploits. ICSE '05: Proc. 27th Internat. Conf. on Software Engineering (May 2005), ACM Press, New York, NY, USA 312-321
7. Hansson H., and Jonsson B. A logic for reasoning about time and reliability. Formal Aspects Comput. 6 5 (1994) 512-535
8. Kwiatkowska M., Norman G., and Parker D. PRISM 20: a tool for probabilistic model checking. Proc. First Internat. Conf. on Quantitative Evaluation of Systems (QEST'04) (2004), IEEE Computer Society Press, Silver Spring, MD 322-323
9. Longley D., and Rigby S. An automatic search for security flaws in key management schemes. Comput. Security 11 1 (1992) 75-89
10. Lowe G. Analysing protocol subject to guessing attacks. J. Comput. Security 12 1 (2004) 83-98
11. Sheyner O., Haines J., Jha S., Lippmann R., and Wing J.M. Automated generation and analysis of attack graphs. 2002 IEEE Symp. on Security and Privacy. Berkeley, California (May 12-15, 2002) 273-284
12. V. Shmatikov, Probabilistic analysis of anonymity, in: CSFW '02: Proc. 15th IEEE Computer Security Foundations Workshop (CSFW'02), Washington, DC, USA, 2002, IEEE Computer Society, pp. 119-128.
13. G. Steel, Deduction with XOR constraints in security API modelling, in: R. Nieuwenhuis (Ed.), Proc. 20th Conf. on Automated Deduction (CADE 20), Tallinn, Estonia, July 2005, Lecture Notes in Artificial Intelligence, Vol. 3632, Springer, Heidelberg, pp. 322-336.
14. P. Youn, B. Adida, M. Bond, J. Clulow, J. Herzog, A. Lin, R. Rivest, R. Anderson, Robbing the bank with a theorem prover, Technical Report UCAM-CL-TR-644, University of Cambridge, August 2005.