Formal verification of cardholder registration in SET

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 1895, Issue , 2000, Pages 159-174

  Bella, Giampaolo ^a   Massacci, Fabio ^b,c   Paulson, Lawrence C ^a   Tramontano, Piero ^c  

^a UNIVERSITY OF CAMBRIDGE   (United Kingdom)

^b UNIVERSITY OF SIENA   (Italy)

^c SAPIENZA UNIVERSITY OF ROME   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

THEOREM PROVING;

CERTIFICATION AUTHORITIES; FORMAL MODELING; ISABELLE;

FORMAL VERIFICATION;

EID: 84944035753     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/10722599_10     Document Type: Conference Paper

References (22)

1. G. Bella. Message reception in the inductive approach. Research Report 460, University of Cambridge - Computer Laboratory, 1999.
2. G. Bella. Modelling agents’ knowledge inductively. In Proceedings of the 7th International Workshop on Security Protocols, volume 1796 of Lecture Notes in Comp. Sci. Springer-Verlag, 1999.
3. G. Bella and L. C. Paulson. Kerberos version IV: Inductive analysis of the secrecy goals. In Proc. of the 5th Eur. Sym. on Res. in Comp. Sec., volume 1485 of Lecture Notes in Comp. Sci., pages 361-375. Springer-Verlag, 1998.
4. S. Brackin. Automatic formal analyses of two large commercial protocols. In Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols, September 1997. Available on the web at http://www.arca.com/proj papers/brackin/dimacs.pdf.
5. S. Brackin. Automatically detecting authentication limitations in commercial security protocols. In Proceedings of the 22nd National Conference on Information Systems Security, October 1999. Available on the web at http://www.arca.com/proj papers/brackin/Nissc99.pdf.
6. CCITT. Recommendation X.509: The Directory - Authentication Framework, 1988. Available electronically at http://www.itu.int/itudoc/itu-t/rec/x/x500up/x509.html.
7. R. Kailar. Reasoning about accountability in protocols for electronic commerce. In Proc. of the 14th IEEE Sym. on Sec. and Privacy, pages 236-250. IEEE Comp. Society Press, 1995.
8. V. Kessler and H. Neumann. A sound logic for analysing electronic commerce protocols. In J. Quisquater, Y. Deswarte, C. Meadows, and D. Gollmann, editors, Proc. of the 5th Eur. Sym. on Res. in Comp. Sec., volume 1485 of Lecture Notes in Comp. Sci. Springer-Verlag, 1998.
9. L. Loeb. Secure Electronic Transactions: Introduction and Technical Reference. Computer Science. Artech House, 1998. Enclosed a CD-ROM with SET Reference Implementation Version 1.0.
10. G. Lowe. A hierarchy of authentication specifications. In Proc. of the 10th IEEE Comp. Sec. Found. Workshop, pages 31-43. IEEE Comp. Society Press, 1997.
11. Mastercard & VISA. SET Secure Electronic Transaction Specification: Business Description, May 1997. Available electronically at http://www.setco.org/set specifications.html.
12. Mastercard & VISA. SET Secure Electronic Transaction Specification: Formal Protocol Definition, May 1997. Available electronically at http://www.setco.org/set specifications.html.
13. Mastercard & VISA. SET Secure Electronic Transaction Specification: Programmer’s Guide, May 1997. Available electronically at http://www.setco.org/set specifications.html.
14. C. Meadows. Open issues in formal methods for cryptographic protocol analysis. In Proceedings of DISCEX 2000, pages 237-250. IEEE Comp. Society Press, 2000.
15. C. Meadows and P. Syverson. A formal specification of requirements for payment transactions in the SET protocol. In R. Hirschfeld, editor, Proceedings of Financial Cryptography 98, volume 1465 of Lecture Notes in Comp. Sci. Springer-Verlag, 1998.
16. R. M. Needham and M. Schroeder. Using encryption for authentication in large networks of computers. Comm. of the ACM, 21(12):993-999, 1978.
17. D. O’Mahony, M. Peirce, and H. Tewari. Electronic payment systems. The Artech House computer science library. Artech House, 1997.
18. L. C. Paulson. The inductive approach to verifying cryptographic protocols. J. of Comp. Sec., 6:85-128, 1998.
19. L. C. Paulson. Inductive analysis of the internet protocol TLS. ACM Trans. On Inform. and Sys. Sec., 2(3):332-351, 1999.
20. RSA Laboratories. PKCS-6: Extended-Certificate Syntax Standard, 1993. Available electronically at http://www.rsasecurity.com/rsalabs/pkcs.
21. RSA Laboratories. PKCS-7: Cryptographic Message Syntax Standard, 1993. Available electronically at http://www.rsasecurity.com/rsalabs/pkcs.
22. S. Schneider. Verifying authentication protocols in CSP. IEEE Trans. On Software Engineering, 24(9):741-758, 1998.