Causality-based abstraction of multiplicity in security protocols

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2007, Pages 355-369

  Backes, Michael ^a   Maffei, Matteo ^a   Cortesi, Agostino ^b  

^a SAARLAND UNIVERSITY   (Germany)

^b CA' FOSCARI UNIVERSITY OF VENICE   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

ABSTRACTING; FORMAL LOGIC; GRAPH THEORY; SECURITY OF DATA; SEMANTICS;

CAUSAL GRAPH; CONCURRENT PROTOCOL; SECURITY PROTOCOLS;

NETWORK PROTOCOLS;

EID: 35048817493     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2007.11     Document Type: Conference Paper

References (33)

1. M. Abadi. Secrecy by typing in security protocols. Journal of the ACM, 46(5):749-786, 1999.
2. M. Abadi and B. Blanchet. Secrecy types for asymmetric communication. In Proc. 4th International Conference on Foundations of Software Science and Computation Structures (FOSSACS), volume 2030 of Lecture Notes in Computer Science, pages 25-41. Springer-Verlag, 2001.
3. M. Abadi and B. Blanchet. Analyzing security protocols with secrecy types and logic programs. In Proc. 29th Symposium on Principles of Programming Languages (POPL), pages 33-44. ACM Press, 2002.
4. M. Abadi and A. D. Gordon. A calculus for cryptographic protocols: The spi calculus. In Proc. 4th ACM Conference on Computer and Communications Security, pages 36-47, 1997.
5. B. Blanchet. An efficient cryptographic protocol verifier based on Prolog rules. In Proc. 14th IEEE Computer Security Foundations Workshop (CSFW), pages 82-96. IEEE Computer Society Press, 2001.
6. B. Blanchet and A. Podelski. Verification of cryptographic protocols: Tagging enforces termination. In Proc. 6th International Conference on Foundations of Software Science and Computation Structures (FOSSACS), pages 136-152, 2003.
7. D. Bleichenbacher. Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS. In Advances in Cryptology: CRYPTO '98, volume 1462 of Lecture Notes in Computer Science, pages 1-12. Springer-Verlag, 1998.
8. C. Bodei, M. Buchholtz, P. Degano, F. Nielson, and H. R. Nielson. Static validation of security protocols. Journal of Computer Security, 13(3):347-390, 2005.
9. M. Boreale. Symbolic trace analysis of cryptographic protocols. In 28rd International Colloquium on Automata, Languages and Programming (ICALP 2001), Lecture Notes in Computer Science, pages 667-681. Springer-Verlag, 2001.
10. M. Boreale, R. D. Nicola, and R. Pugliese. Proof techniques for cryptographic processes. In Proc. 14th Annual IEEE Symposium on Logic in Computer Science (LICS), pages 157-166, 1999.
11. M. Bugliesi, R. Focardi, and M. Maffei. Compositional analysis of authentication protocols. In Proc. 13th European Symposium on Programming (ESOP), volume 2986 of Lecture Notes in Computer Science, pages 140-154. Springer-Verlag, 2004.
12. M. Bugliesi, R. Focardi, and M. Maffei. Dynamic types for authentication, 2007. To appear in Journal of Computer Security.
13. P. Cousot and R. Cousot. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proc. 4th Symposium on Principles of Programming Languages (POPL), pages 238-252. ACM Press, 1977.
14. F. Crazzolara and G. Winskel. Events in security protocols. In Proc. 8th ACM Conference on Computer and Communications Security, pages 96-105. ACM Press, 2001.
15. D. E. Denning and G. M. Sacco. Timestamps in key distribution protocols. Communications of the ACM, 24(8):533-536, 1981.
16. S. Doghmi, J. Guttman, and F. Thayer. Searching for shapes in cryptographic protocols. In Proc. 13th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), Lecture Notes in Computer Science, pages 523-538. Springer-Verlag, 2007.
17. D. Dolev and A. C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, 29(2):198-208, 1983.
18. L. S. et Vérification. Security protocols open repository. http://www.lsv.ens-cachan.fr/spore/.
19. J. Feret. Analysis of Mobile Systems by Abstract Interpretation. PhD thesis, École Polytechnique, 2005.
20. D. Fisher. Millions of .Net Passport accounts put at risk. eWeek, May 2003. (Flaw detected by Muhammad Faisal Rauf Danka).
21. C. Fournet, A. D. Gordon, and S. Maffeis. A type discipline for authorization policies. In Proc. 14th European Symposium on Programming (ESOP), Lecture Notes in Computer Science, pages 141-156. Springer-Verlag, 2005.
22. H. Gao, P. Degano, C. Bodei, and H. R. Nielson. Detecting replay attacks by freshness annotations. In WITS '07: Proceedings of the 7th Workshop on Issues in the theory of security, pages 85-100, 2007.
23. A. D. Gordon and A. Jeffrey. Types and effects for asymmetric cryptographic protocols. Journal of Computer Security, 12(3):435-484, 2004.
24. A. D. Gordon and A. Jeffrey. Secrecy despite compromise: Types, cryptography, and the pi-calculus. In Proc. 16th International Conference on Concurrency Theory (CONCUR), volume 3653, pages 186-201. Springer-Verlag, 2005.
25. J. Goubault-Larrecq and F. Parrennes. Cryptographic protocol analysis on real c code. In Proc. 6th International Conference on Verification, Model Checking and Abstract Interpretation (VMCAI'05), volume 3385 of Lecture Notes in Computer Science, pages 363-379. Springer-Verlag, 2005.
26. J. Guttman, F. Thayer, J. A. Carlson, J. C. Herzog, J. D. Ramsdell, and B. T. Sniffen. Trust management in strand spaces: a rely-guarantee method. In Proc. 13th European Symposium on Programming (ESOP), volume 2986 of Lecture Notes in Computer Science, pages 325-339. Springer-Verlag, 2004.
27. J. D. Guttman and F. J. Thayer. Authentication tests and the structure of bundles. Theoretical Computer Science, 283(2):333-380, 2002.
28. G. Lowe. "A Hierarchy of Authentication Specification". In Proc. 10th IEEE Computer Security Foundations Workshop (CSFW), pages 31-44. IEEE Computer Society Press, 1997.
29. R. Needham and M. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 12(21):993-999, 1978.
30. J. L. Peterson. Petri nets. ACM Computing Surveys, 9(3):223-252, 1977.
31. D. Wagner and B. Schneier. Analysis of the SSL 3.0 protocol. In Proc. 2nd USENIX Workshop on Electronic Commerce, pages 29-40, 1996.
32. G. Winskel. Event structures. In Advances in Petri nets 1986, part II on Petri nets: applications and relationships to other models of concurrency, pages 325-392. Springer-Verlag, 1987.
33. T. Y. C. Woo and S. S. Lam. A lesson on authentication protocol design. Operation Systems Review, 28(3):24-37, 1994.