Unbounded verification, falsification, and characterization of security protocols by pattern refinement

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2008, Pages 119-128

  Cremers, Cas J F ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

Characterization; Falsification; Security protocol analysis; Unbounded verification

Indexed keywords

FALSIFICATION; MULTIPROTOCOLS; PROTOCOL ANALYSIS; SECURITY PROTOCOL ANALYSIS; SECURITY PROTOCOLS; STATE-OF-THE-ART PERFORMANCE; UNBOUNDED VERIFICATION; VERIFICATION ALGORITHMS;

LAW ENFORCEMENT; NETWORK SECURITY;

NETWORK PROTOCOLS;

EID: 67650240831     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1455770.1455787     Document Type: Conference Paper

References (31)

1. A. Armando and L. Compagna. Sat-based model checking for security protocols analysis. International Journal of Information Security, 7(l):3-32, 2008.
2. M. Backes, S. Lorenz, M. Maffei, and K. Pecina. The CASPA tool: Causality-based abstraction for security protocol analysis. In A. Gupta and S. Malik, editors. CAV, volume 5123 of Lecture Notes in Computer Science, pages 419-422. Springer, 2008.
3. M. Backes, M. Maffei, and A. Cortesi. Causality-based abstraction of multiplicity in security protocols. In Proc. 20th IEEE Computer Security Foundations Symposium (CSF). IEEE Computer Society, June 2007.
4. D. Basin, S. Mödersheim, and L. Viganò. OFMC: A symbolic model checker for security protocols. International Journal of Information Security, 4(3):181-208, 2005.
5. S. Berezin. Extensions to Athena: Constraint satisfiability problem and new pruning theorems based on type system extensions for messages. http://www. sergeyberezin.com/papers/athena-exteiisions.ps (unpublished manuscript), 2001.
6. B. Blanchet. An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In Proc. 14th IEEE Computer Security Foundations Workshop (CSFW), pages 82-96, Cape Breton, June 2001. IEEE Computer Society.
7. C. Bodei, M. Buchholtz, P. Degano, F. Nielson, and H. Nielson. Static validation of security protocols. Journal of Computer Security, 13(3):347-390, 2005.
8. Y. Boichut, P.-C. Héam, O. Kouchnarenko, and F. Oehl. Improvements on the Genet and Klay technique to automatically verify security protocols. In Proc. International Workshop on Automated Verification of Infinite-State Systems (AVIS'2004).
9. M. Bugliesi, R. Focardi, and M. Maffei. Authenticity by tagging and typing. In Proc. 2nd ACM Workshop on Formal Methods in Security Engineering (FMSE), pages 1-12. ACM Press, 2004.
10. M. Burrows, M. Abadi, and R, Needham. A logic of authentication. ACM Transactions on Computer Systems, 8(l):18-36, 1990.
11. R. Corin and S. Etalle. An improved constraint-based system for the verification of security protocols. In Proc. 9th International Static Analysis Symposium (SAS), volume 2477 of Lecture Notes in Computer Science, pages 326-341, Spain, Sep 2002. Springer.
12. C. Cremers. Feasibility of multi-protocol attacks. In Proc. of The First International Conference on Availability, Reliability and Security (ARES), pages 287-294, Vienna, Austria, April 2006, IEEE Computer Society.
13. C. Cremers. The Scyther Tool: Verification, falsification, and analysis of security protocols. In Computer Aided Verification, 20th International Conference, CAV 2008, Princeton, USA, Proc, volume 5123/2008 of Lecture- Notes in Computer Science, pages 414-418. Springer, 2008.
14. C. Cremers and P. Lafourcade. Comparing state spaces in automatic protocol verification. In Proc. of the 7th Int. Workshop on Automated Verification of Critical Systems (AVoCS'07), Electronic Notes in Theoretical Computer Science. Elsevier Science Direct, September 2007.
15. C. Cremers and S. Mauw. Operational semantics of security protocols. In Scenarios: Models. Transformations and Tools, International Workshop, 2003, Revised Selected Papers, volume 3466 of Lecture Notes in Computer Science. Springer, 2005.
16. S. Doghmi, J. D. Guttman, and F. Thayer. Skeletons, homomorphisms, and shapes: Characterizing protocol executions. In Proc. of the 23rd Conf. on the Mathematical Foundations of Programming Semantics (MFPS XXIII), volume 173 of Electronic Notes in Theoretical Computer Science, pages 85-102. Elsevier ScienceDirect, April 2007.
17. D. Dolev and A. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, 29(12):198-208, Mar. 1983.
18. N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov. Undecidability of bounded security protocols. In Proc. of the FLOC'99 Workshop on Formal Methods and Security Protocols (FMSP'99), 1999.
19. C. Haack and A. Jeffrey. Pattern-matching spi-calculus. Inf. Cornput., 204(8):1195-1263, 2006.
20. F. O. P. IST-2001-39252. AVISPA: Automated validation of internet security protocols and applications, 2003.
21. G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proc. 2nd International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), volume 1055 of Lecture Notes in Computer Science, pages 147-166. Springer, 1996.
22. G. Lowe. Casper: A compiler for the analysis of security protocols. In Proc. 10th IEEE Computer Security Foundations Workshop (CSFW), pages 18-30. IEEE Computer Society, 1997.
23. C.Meadows. The NRL protocol analyzer: An overview. Journal of Logic Programming, 26(2):113-131, 1996.
24. S. Meier. A formalization of an operational semantics of security protocols. Diploma thesis, ETH Zurich, August 2007. http: //people.inf.ethz.ch/ meiersi/fossp/index.html.
25. J. Milieu. A necessarily parallel attack. In Workshop on Formal Methods and Security Protocols, Trento, Italy, 1999.
26. L. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85-128, 1998.
27. L. Paulson. Inductive analysis of the Internet protocol TLS. ACM Transactions on Information and System Security, 2(3):332-351, Aug. 1999.
28. D. Song, S, Berezin, and A, Perrig. Athena: A novel approach to efficient automatic security protocol analysis. Journal of Computer Security, 9(l/2):47-74, 2001.
29. Security protocols open repository (SPORE), http://www.lsv.ens-cachan.fr/ spore.
30. F. Thayer, J. Herzog, and J. Guttman. Strand spaces: Proving security protocols correct. Journal of Computer Security, 7:191-230, 1999.
31. M. Turuani. The CL-Atse protocol analyser. In Proc. RTA '06, volume 4098 of Lecture Notes in Computer Science, pages 227-286. Springer, Aug. 2006.