What makes a cryptographic protocol secure? The evolution of requirements specification in formal cryptographic protocol analysis

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 2618, Issue , 2003, Pages 10-21

  Meadows, Catherine ^a  

^a NAVAL RESEARCH LABORATORY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SPECIFICATIONS;

CRYPTOGRAPHIC PROTOCOLS; FORMAL ANALYSIS; REQUIREMENTS SPECIFICATIONS;

CRYPTOGRAPHY;

EID: 35248838292     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/3-540-36575-3_2     Document Type: Article

References (32)

1. M. Abadi. Secrecy by typing in security protocols. Journal of the ACM, 46(5):749-786, September 1999.
2. M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology, to appear.
3. M. Bellare and P. Rogaway. Entity authentication and key distribution. In Advances in Cryptology - CRYPTO '93. Springer-Verlag, 1993.
4. R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, and M. Yung. Systematic design of two-party authentication protocols. In Advances in Cryptology - Proceedings of CRYPTO 91. Springer-Verlag, 1991.
5. Michael Burrows, Martin Abadi, and Roger Needham. A Logic of Authentication. ACM Transactions in Computer Systems, 8(1):18-36, February 1990.
6. L. Buttyán and J.-P. Hubaux. Rational exchange - a formal model based on game theory. In 2nd International Workshop on Electronic Commerce (WELCOM'01), 16-17 November 2001.
7. I. Cervesato and C. Meadows. A fault-tree representation of NPATRL security requirements, submitted for publication, 2003.
8. Whitfield Diffie, Paul C. van Oorschot, and Michael J. Wiener. Authentication and Authenticated Key Exchanges. Designs, Codes, and Cryptography, 2:107-125, 1992.
9. D. Dolev and A. Yao. On the Security of Public Key Protocols. IEEE Transactions on Information Theory, 29(2):198-208, March 1983.
10. F. J. Thayer Fábrega, J. Herzog, and J. Guttman. Strand space pictures. In Proceedings of the Workshop on Formal Methods and Security Protocols, 1998. available at http://www.cs.bell-labs.com/who/nch/fmsp/program.html.
11. F. Javier Thayer Fábrega, Jonathan C. Herzog, and Joshua D. Guttman. Strand spaces: Why is a security protocol correct? In Proceedings of the 1998 IEEE Symposium on Security and Privacy, pages 160-171. IEEE Computer Society Press, May 1998.
12. R. Focardi, R. Gorrieri, and F. Martinelli. Non interference for the analysis of cryptographic protocols. In U. Montanari, editor, 27th International Colloquium on Automata, Languages and Programming (ICALP'00). Springer Verlag: LNCS 1583, July 2000.
13. Li Gong and Paul Syverson. Fail-stop protocols: An approach to designing secure protocols. In R. K. Iyer, M. Morganti, Fuchs W. K, and V. Gligor, editors, Dependable Computing for Critical Applications 5, pages 79-100. IEEE Computer Society, 1998.
14. J. Goquen and J. Meseguer. Security policy and security models. In Proceedings of the 1982 Symposium on Security and Privacy, pages 11-20. IEEE Computer Society Press, 1982.
15. A. Gordon and A. Jeffrey. Authenticity by typing in security protocols. In Proceed-ings of the 14th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, June 2001.
16. A. Gordon and A. Jeffrey. Typing one-to-one and one-to-many correspondences in security protocols. In International Software Security Symposium (ISSS 2002). Springer LNCS, 2003.
17. Paul Hoffman. Features of proposed successors to IKE. Internet Draft draft-ietf-ipsec-soi-features-01.txt, May 31 2002. available at http://ietf.org/internet-drafts/draft-ietf-ipsec-soi-features-01.txt.
18. G. Lowe. Some new attacks on security protocols. In Proceedings of the 9th IEEE Computer Security Foundations Workshop, pages 162-169. IEEE Computer Society Press, 1996.
19. G. Lowe. A hierarchy of authentication specifications. In Proceedings of the 10th IEEE Computer Security Foundations Workshop, pages 31-43. IEEE Computer Society Press, 1997.
20. C. Meadows. Applying Formal Methods to the Analysis of a Key Management Protocol. Journal of Computer Security, 1:5-53, 1992.
21. C. Meadows. A cost-based framework for analysis of denial of service in networks. Journal of Computer Security, 2001.
22. C. Meadows and P. Syverson. A formal specification of requirements for payment in the SET protocol. In Proceedings of Financial Cryptography '98. Springer-Verlag LLNCS, 1998.
23. C. Meadows, P. Syverson, and I. Cervesato. Formalizing GDOI group key management requirements in NPATRL. In Proceedings of the ACM Conference on Computer and Communications Security. ACM, November 2001.
24. J. K. Millen, S. C. Clark, and S. B. Freedman. The Interrogator: Protocol Security Analysis. IEEE Transactions on Software Engineering, SE-13(2), 1987.
25. J.C. Mitchell, A. Ramanathan, A. Scedrov, and V. Teague. A probabilistic polynomial-time calculus for analysis of cryptographic protocols (preliminary report). Electronic Notes in Theoretical Computer Science, 45, 2001.
26. G. Norman and V. Shmatikov. Analysis of probabilistic contract signing. In BCS-FACS Formal Aspects of Security (FASec '02), 2002.
27. A. W. Roscoe. Intensional specification of security protocols. In Proceedings of the 9th IEEE Computer Security Foundations Workshop, pages 28-38. IEEE Computer Society Press, June 10-12 1996.
28. S. Schneider. Security properties and CSP. In IEEE Computer Society Symposium on Security and Privacy. IEEE Computer Society Press, 1996.
29. V. Shmatikov. Probabilistic analysis of anonymity. In Proceedings of the 15th Computer Security Foundations Workshop. IEEE Computer Society Press, June 2002.
30. P. Syverson and C. Meadows. Formal requirements for key distribution protocols. In Proceedings of Eurocrypt '94. Springer-Verlag, 1994.
31. P. Syverson and C. Meadows. A formal language for cryptographic protocol requirements. Designs, Codes, and Cryptography, 7(1/2):27-59, 1996.
32. Paul Syverson and Catherine Meadows. A Logical Language for Specifying Cryptographic Protocol Requirements. In Proceedings of the 1993 IEEE Computer Society Symposium on Research in Security and Privacy, pages 165-177. IEEE Computer Society Press, Los Alamitos, California, 1993.