Automated verification of selected equivalences for security protocols

Journal of Logic and Algebraic Programming

Volumn 75, Issue 1, 2008, Pages 3-51

  Blanchet, Bruno ^a   Abadi, Martín ^b   Fournet, Cédric ^c  

^a ECOLE NORMALE SUPÉRIEURE   (France)

^b UNIVERSITY OF CALIFORNIA   (United States)

^c MICROSOFT RESEARCH   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

EQUIVALENCE CLASSES; LOGIC PROGRAMMING; SECURITY OF DATA; VERIFICATION;

PROTOCOL BEHAVIORS; SECURITY PROTOCOLS;

ROUTING PROTOCOLS;

EID: 38649141810     PISSN: 15678326     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.jlap.2007.06.002     Document Type: Article

References (46)

1. Abadi M. Secrecy by typing in security protocols. J. ACM 46 5 (1999) 749-786
2. Abadi M., Birrell A., Burrows M., Dabek F., and Wobber T. Bankable postage for network services. In: Saraswat V. (Ed). Advances in Computing Science - ASIAN 2003, Programming Languages and Distributed Computation, 8th Asian Computing Science Conference, Mumbai, India, December. Lecture Notes on Computer Science vol. 2896 (2003), Springer 72-90
3. Abadi M., and Blanchet B. Analyzing security protocols with secrecy types and logic programs. J. ACM 52 1 (2005) 102-146
4. M. Abadi, B. Blanchet, C. Fournet, Just fast keying in the pi calculus, ACM Trans. Inform. Syst. Security 10 (3) (2007), in press.
5. Abadi M., and Cortier V. Deciding knowledge in security protocols under equational theories. Theor. Comput. Sci. 367 1-2 (2006) 2-32
6. M. Abadi, C. Fournet, Mobile values, new names, and secure communication, in: 28th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'01), London, United Kingdom, ACM Press, January 2001, pp. 104-115.
7. Abadi M., and Gordon A.D. A bisimulation method for cryptographic protocols. Nordic J. Comput. 5 4 (1998) 267-303
8. Abadi M., and Gordon A.D. A calculus for cryptographic protocols: the spi calculus. Inform. Comput. 148 1 (1999) 1-70 An extended version appeared as Digital Equipment Corporation Systems Research Center report No. 149, January 1998
9. Aiello W., Bellovin S.M., Blaze M., Canetti R., Ioannidis J., Keromytis K., and Reingold O. Just fast keying: key agreement in a hostile internet. ACM Trans. Inform. Syst. Security 7 2 (2004) 242-273
10. X. Allamigeon, B. Blanchet, Reconstruction of attacks against cryptographic protocols, in:18th IEEE Computer Security Foundations Workshop (CSFW-18), IEEE, Aix-en-Provence, France, June 2005, pp. 140-154.
11. F. Baader, C. Tinelli, Deciding the word problem in the union of equational theories, Technical Report UIUCDCS-R-98-2073, UILU-ENG-98-1724, University of Illinois at Urbana-Champaign, Oct. 1998.
12. M. Baudet, Sécurité des protocoles cryptographiques: aspects logiques et calculatoires. Ph.D. thesis, Ecole Normale Supérieure de Cachan, 2007.
13. S.M. Bellovin, M. Merritt, Encrypted Key Exchange: Password-based protocols secure against dictionary attacks, in: Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, May 1992, pp. 72-84.
14. S.M. Bellovin, M. Merritt, Augmented Encrypted Key Exchange: a password-based protocol secure against dictionary attacks and password file compromise, in: Proceedings of the First ACM Conference on Computer and Communications Security, November 1993, pp. 244-250.
15. B. Blanchet, An efficient cryptographic protocol verifier based on Prolog rules, in: IEEE Computer Security Foundations Workshop (CSFW-14), Cape Breton, Nova Scotia, Canada, IEEE Computer Society, June 2001, pp. 82-96.
16. Blanchet B. From secrecy to authenticity in security protocols. In: Hermenegildo M., and Puebla G. (Eds). 9th International Static Analysis Symposium (SAS'02), Madrid, Spain, September. Lecture Notes on Computer Science vol. 2477 (2002), Springer 342-359
17. B. Blanchet, Automatic proof of strong secrecy for security protocols, in: IEEE Symposium on Security and Privacy, Oakland, California, May 2004, pp. 86-100.
18. B. Blanchet, Automatic proof of strong secrecy for security protocols, Technical Report MPI-I-2004-NWG1-001, Max-Planck-Institut für Informatik, Saarbrücken, Germany, July 2004.
19. Blanchet B. Security protocols: from linear to classical logic by abstract interpretation. Inform. Process. Lett. 95 5 (2005) 473-479
20. B. Blanchet, M. Abadi, C. Fournet, Automated verification of selected equivalences for security protocols, in: 20th IEEE Symposium on Logic in Computer Science (LICS 2005), Chicago, IL, IEEE Computer Society, June 2005, pp. 331-340.
21. C. Bodei, Security Issues in Process Calculi, Ph.D. thesis, Università di Pisa, January 2000.
22. C. Bodei, P. Degano, F. Nielson, H.R. Nielson, Control flow analysis for the π-calculus, in: International Conference on Concurrency Theory (Concur'98), Lecture Notes on Computer Science, vol. 1466, Springer, September 1998, pp. 84-98.
23. Boreale M., De Nicola R., and Pugliese R. Proof techniques for cryptographic processes. SIAM J. Comput. 31 3 (2002) 947-986
24. J. Borgström, S. Briais, U. Nestmann, Symbolic bisimulation in the spi calculus, in: P. Gardner, N. Gardner (Eds.), CONCUR 2004: Concurrency Theory, Lecture Notes on Computer Science, vol. 3170, Springer, August 2004, pp. 161-176.
25. J. Borgström, U. Nestmann, On bisimulations for the spi calculus, in: H. Kirchner, C. Ringeissen (Eds.), Algebraic Methodology and Software Technology: 9th International Conference, AMAST 2002, Saint-Gilles-les-Bains, Reunion Island, France, Lecture Notes on Computer Science, vol. 2422, Springer, September 2002, pp. 287-303.
26. E. Cohen, Proving protocols safe from guessing, in: Foundations of Computer Security, Copenhagen, Denmark, July 2002.
27. R. Corin, J.M. Doumen, S. Etalle, Analysing password protocol security against off-line dictionary attacks, in: 2nd Int. Workshop on Security Issues with Petri Nets and other Computational Models (WISP), Electronic Notes in Theoretical Computer Science, June 2004.
28. R. Corin, S. Malladi, J. Alves-Foss, S. Etalle, Guess what? Here is a new tool that finds some new guessing attacks, in: R. Gorrieri (Ed.), Workshop on Issues in the Theory of Security (WITS'03), Warsaw, Poland, April 2003.
29. V. Cortier, Vérification automatique des protocoles cryptographiques, Ph.D. thesis, ENS de Cachan, March 2003.
30. S. Delaune, F. Jacquemard, A theory of dictionary attacks and its complexity, in: 17th IEEE Computer Security Foundations Workshop, IEEE, Pacific Grove, CA, June 2004, pp. 2-15.
31. Dershowitz N., and Plaisted D.A. Rewriting. In: Robinson A., and Voronkov A. (Eds). Handbook of Automated Reasoning vol. I (2001), Elsevier Science 535-610 (Chapter 9)
32. P.H. Drielsma, S. Mödersheim, L. Viganò, A formalization of off-line guessing for security protocol analysis, in: F. Baader, A. Voronkov (Eds.), Logic for Programming, Artificial Intelligence, and Reasoning: 11th International Conference, LPAR 2004, Montevideo, Uruguay, Lecture Notes on Computer Science, vol. 3452, Springer, March 2005, pp. 363-379.
33. Durante L., Sisto R., and Valenzano A. Automatic testing equivalence verification of spi calculus specifications. ACM Trans. Softw. Eng. Methodol. (TOSEM) 12 2 (2003) 222-284
34. Focardi R., and Gorrieri R. The compositional security checker: a tool for the verification of information flow security properties. IEEE Trans. Softw. Eng. 23 9 (1997) 550-571
35. L. Gong, Verifiable-text attacks in cryptographic protocols, in: INFOCOM'90, The Conference on Computer Communications, San Francisco, CA, IEEE, June 1990, pp. 686-693.
36. Gong L., Lomas T.M.A., Needham R.M., and Saltzer J.H. Protecting poorly chosen secrets from guessing attacks. IEEE J. Select. Areas Commun. 11 5 (1993) 648-656
37. A. Gordon, A. Jeffrey, Authenticity by typing for security protocols, in: 14th IEEE Computer Security Foundations Workshop (CSFW-14), Cape Breton, Nova Scotia, Canada, IEEE Computer Society, June 2001, pp. 145-159.
38. H. Hüttel, Deciding framed bisimilarity, in: 4th International Workshop on Verification of Infinite-State Systems (INFINITY'02), Brno, Czech Republic, August 2002, pp. 1-20.
39. P.D. Lincoln, J.C. Mitchell, M. Mitchell, A. Scedrov, Probabilistic polynomial-time equivalence and security protocols, in: J. Wing, J. Woodcock, J. Davies (Eds.), FM'99 World Congress on Formal Methods in the Development of Computing Systems, Toulouse, France, Lecture Notes on Computer Science, vol. 1708, Springer, September 1999, pp. 776-793.
40. Lowe G. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. Tools and Algorithms for the Construction and Analysis of Systems. Lecture Notes on Computer Science vol. 1055 (1996), Springer 147-166
41. G. Lowe, Analyzing protocols subject to guessing attacks, in: Workshop on Issues in the Theory of Security (WITS'02), Portland, Oregon, January 2002.
42. Monniaux D. Abstracting cryptographic protocols with tree automata. Sci. Comput. Programm. 47 2-3 (2003) 177-202
43. Paulson L.C. The inductive approach to verifying cryptographic protocols. J. Comput. Security 6 1-2 (1998) 85-128
44. F. Pottier, A simple view of type-secure information flow in the π-calculus, in: Proceedings of the 15th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, June 2002, pp. 320-330.
45. F. Pottier, V. Simonet, Information flow inference for ML, in: Proceedings of the 29th ACM Symposium on Principles of Programming Languages (POPL'02), Portland, Oregon, January 2002, pp. 319-330.
46. A. Ramanathan, J. Mitchell, A. Scedrov, V. Teague, Probabilistic bisimulation and equivalence for security analysis of network protocols, in: I. Walukiewicz (Ed.), FOSSACS 2004 - Foundations of Software Science and Computation Structures, Barcelona, Spain, Lecture Notes on Computer Science, vol. 2987, Springer, March 2004, pp. 468-483.