Open issues in formal methods for cryptographic protocol analysis

Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000

Volumn 1, Issue , 2000, Pages 237-250

  Meadows, C ^a  

^a NAVAL RESEARCH LABORATORY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CRYPTOGRAPHY;

CRYPTOGRAPHIC PROTOCOLS; FORMAL METHODS FOR CRYPTOGRAPHIC PROTOCOLS; PROBLEM AREAS; RESEARCH NEEDS; SPECIALIZED TOOLS;

FORMAL METHODS;

EID: 84961720022     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DISCEX.2000.824984     Document Type: Conference Paper

References (54)

1. Josh Benaloh, Butler Lampson, Daniel Simon, Terence Spies, and Bennet Yee. The private communication technology protocol. draft-benaloh-pct-00.txt, October 1995.
2. M. Blaze, J. Feigenbaum, and J. Lacy. Managing trust in information systems. In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 164-173. IEEE Computer Socity Press, May 1996.
3. S. Brackin. Evaluating and improving protocol analysis by automatic proof. In Proceedings of the 11th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, June 1998.
4. J. Bryans and S. Schneider. CBS, PVS, and a recursive authentication protocol. In Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols, September 3-5 1997. available at http://dimacs.rutgers.edu/Workshops/Security/.
5. Michael Burrows, Martín Abadi, and Roger Needham. A Logic of Authentication. ACM Transactions in Computer Systems, 8(1):18-36, February 1990.
6. I. Cervesato, N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov. A meta-notation for protocol analysis. In Proceedings of 12th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, June 1999.
7. Z. Dang and R. A. Kemmerer. Using the ASTRAL model checker for cryptographic protocol analysis. In Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols, September 1997. available at http://dimacs.rutgers.edu/Workshops/Security/.
8. Whitfield Diffie, Paul C. van Oorschot, and Michael J. Wiener. Authentication and Authenticated Key Exchanges. Designs, Codes, and Cryptography, 2:107-125, 1992.
9. D. Dolev, S. Even, and R. Karp. On the Security of Ping-Pong Protocols. Information and Control, pages 57-68, 1982.
10. D. Dolev and A. Yao. On the Security of Public Key Protocols. IEEE Transactions on Information Theory, 29(2):198-208, March 1983.
11. A. Durante, R. Focardi, and R. Gorrieri. CVS: A compiler for the analysis of cryptographic protocols. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, pages 203-212. IEEE Computer Society Press, June 1999.
12. B. Dutertre and S. Schneider. Using a PVS embedding of CSP to verify authentication protocols. In TPHOLS'97, 1997.
13. S. Even and O. Goldreich. On the security of multi-party ping-pong protocols. In Proceedings of the 24th IEEE Symposium on the Foundations of Computer Science, pages 34-39. IEEE Computer Society Press, 1983.
14. F. Javier Thayer Fabrega, Jonathan C. Herzog, and Joshua D. Guttman. Strand spaces: Why is a security protocol correct? In Proceedings of the 1998 IEEE Symposium on Security and Privacy, pages 160-171. IEEE Computer Society Press, May 1998.
15. N. Ferguson and B. Schneier. A security evaluation of IPSec. In M. Blaze, J. Ioannides, A. Keromytis, and J. Smith, editors, The IPSec Papers. Addison-Wesley, to appear.
16. D. Goldschlag, M. Reed, and P. Syverson. Onion routing for anonymous and private internet connections. Communications of the ACM, 42(2), February 1999.
17. Li Gong and Paul Syverson. Fail-stop protocols: An approach to designing secure protocols. In R. K. Iyer, M. Morganti, Fuchs W. K, and V. Gligor, editors, Dependable Computing for Critical Applications 5, pages 79-100. IEEE Computer Society, 1998.
18. N. Heintze and J. D. Tygar. A model for secure protocols and their composition. IEEE Transactions on Software Engineering, 22(1):16-30, Jan. 1996.
19. A. Huima. Efficient infinite-state analysis of security protocols. presented at FLOC'99 Workshop on Formal Methods and Security Protocols, July 1999.
20. Richard Kemmerer. Using Formal Methods to Analyze Encryption Protocols. IEEE Journal on Selected Areas in Communication, 7(4):448-457, 1989.
21. H. Krawczyk. SKEME: A versatile secure key exchange mechanism for Internet. In ISOC Secure Networks and Distributed Systems Symposium, San Diego, 1996.
22. P. Lincoln, J. MItchell, M. Mitchell, and A. Scedrov. Probabilistic polynomial-time equivalence and security analysis. In J. Wing, J. Woodcock, and J. Davies, editors, FM'99 - Formal Methods, pages 776-793. Springer- Verlag LLNCS 1709, September 1999.
23. D. Longley and S. Rigby. An Automatic Search for Security Flaws in Key Management Schemes. Computers and Security, 11(1):75-90, 1992.
24. G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. Software - Concepts and Tools, 17:93-102, 1996.
25. W. Marrero. A model checker for authentication protocols. In Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols, September 1997. available at http://dimacs.rutgers.edu/Workshops/Security/.
26. D. Maughan, M. Schertler, M. Schneider, and J. Turner. Internet security association and key management protocol (ISAKMP). Request for Comments 2408, Network Working Group, November 1998. Available at http://www.ietf.org/html.charters/ipsec-charter.html.
27. C. Meadows. Applying Formal Methods to the Analysis of a Key Management Protocol. Journal of Computer Security, 1:5-53, 1992.
28. C. Meadows. Analyzing the Needham-Schroeder public-key protocol: A comparison of two approaches. In Computer Security - ESORICS 96, pages 355-364. Springer- Verlag, September 1996.
29. C. Meadows. Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer. In Proceedings of the 1999 Symposium on Security and Privacy. IEEE Computer Society Press, May 1999.
30. C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, June 1999.
31. C. Meadows and P. Syverson. A formal specification of requirements for payment in the SET protocol. In Proceedings of Financial Cryptography ' 98. Springer- Verlag LLNCS, 1998.
32. Catherine Meadows. A system for the specification and verification of key management protocols. In Proceedings of the 1991 IEEE Computer Society Symposium in Research in Security and Privacy. IEEE Computer Society Press, May 1991.
33. Catherine Meadows. The NRL Protocol Analyzer: An overview. Journal of Logic Programming, 26(2):113-131, 1996.
34. J. K. Millen, S. C. Clark, and S. B. Freedman. The Interrogator: Protocol Security Analysis. IEEE Transactions on Software Engineering, SE-13(2), 1987.
35. Jonathan K. Millen. CAPSL: Common Authentication Protocol Specification Language. Technical Report MP 97B48, The MITRE Corporation, 1997. See http://www.csl.sri.com/millen/capsl.
36. J. Mitchell, M. Mitchell, and U. Stern. Automated analysis of cryptographic protocols using Murφ. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 141-151. IEEE Computer Society Press, May 1997.
37. R. M. Needham and M. D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, 21(12):993-999, December 1978.
38. H. Orman. The OAKLEY key determination protocol. Request for Comments 2412, Network Working Group, November 1998. Available at http://www.ietf.org/html.charters/ipsec-charter.html.
39. Susan Pancho. Paradigm shifts in protocol analysis. In Proceedings of New Security Paradigms Workshop 1999. ACM, to appear.
40. L. Paulson. Mechanized proofs for a recursive authentication protocol. In Proceedings of the 10th Computer Security Foundations Workshop, pages 84-95. IEEE Computer Society Press, June 1997.
41. Lawrence C. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85-128, 1998.
42. M. Reiter and A. Rubin. Crowds: Anonymity for web transactions. ACM TISSEC, June 1999.
43. D. Song. Athena: An automatic checker for security protocol analysis. In Proceedings of 12th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, June 1999.
44. S. Stoller. A bound on attacks on authentication protocols. presented at 1999 Workshop on Formal Methods and Security Protocols, available at http://www.cs.indiana.edu/hyplan/stoller/, July 1999.
45. S. Stubblebine and V. Gligor. On Message Integrity in Cryptographic Protocols. In Proceedings of the 1992 Symposium on Security and Privacy, pages 85-104. IEEE Computer Society Press, May 1992.
46. S. Stubblebine and C. Meadows. Formal characterization and automated analysis of known-pair and chosen-text attacks. IEEE Journal on Selected Areas in Communication, to appear.
47. P. Syverson and S. Stubblebine. Group principals and the formalization of anonymity. In J. Wing, J.Woodcock, and J. Davies, editors, FM'99 - Formal Methods, pages 814-833. Springer- Verlag LLNCS 1708, 1999.
48. Paul Syverson and Catherine Meadows. A Logical Language for Specifying Cryptographic Protocol Requirements. In Proceedings of the 1993 IEEE Computer Society Symposium on Research in Security and Privacy, pages 165-177. IEEE Computer Society Press, Los Alamitos, California, 1993.
49. F. Thayer, J. Herzog, and J. Guttman. Mixed strand spaces. In Proceedings of the IEEE 1999 Computer Security Foundations Workshop, pages 72-82. IEEE Computer Society Press, June 1999.
50. J. Thayer, J. Herzong, and J. Guttman. Honest ideals on strand spaces. In Proceedings of 11th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, June 1998.
51. B. Timmerman. Secure adaptive dynamic traffic masking. In Proceedings of the 1999 New Security Paradigms Workshop. ACM, to appear.
52. B. Venkatraman and R. Newman-Wolfe. Capacity estimation and auditability of network covert channels. In Proceedings of the 1995 IEEE Symposium on Security and Privacy. IEEE Symposium on Security and Privacy, May 1995.
53. D. Volpano. Formalization and proof of secrecy properties. In Proceedings of the IEEE 1999 Computer Security Foundations Workshop, pages 92-95. IEEE Computer Society Press, June 1999.
54. J. Zhou. Fixing a security flaw in IKE protocols. Electronics Letters, 35(13):1072-1073, June 1999.