Models and Proofs of Protocol Security: A Progress Report

This paper discusses progress in the verification of security protocols. Focusing on a small, classic example, it stresses the use of program-like representations of protocols, and their automatic analysis in symbolic and computational models.

[1]  Mathieu Baudet,et al.  Sécurité des protocoles cryptographiques : aspects logiques et calculatoires. (Security of cryptographic protocols : logical and computational aspects) , 2007 .

[2]  Brian Campbell,et al.  Amortised Memory Analysis Using the Depth of Data Structures , 2009, ESOP.

[3]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[4]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[5]  Roberto M. Amadio,et al.  The Game of the Name in Cryptographic Tables , 1999, ASIAN.

[6]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[7]  Cynthia Dwork,et al.  Advances in Cryptology – CRYPTO 2020: 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III , 2020, Annual International Cryptology Conference.

[8]  Martín Abadi,et al.  Just fast keying in the pi calculus , 2004, TSEC.

[9]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[10]  Avik Chaudhuri,et al.  Automated Formal Analysis of a Protocol for Secure File Sharing on Untrusted Storage , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[11]  Roberto Gorrieri,et al.  The Compositional Security Checker: A Tool for the Verification of Information Flow Security Properties , 1997, IEEE Trans. Software Eng..

[12]  Rajeev Alur,et al.  A Temporal Logic of Nested Calls and Returns , 2004, TACAS.

[13]  Ian Stark,et al.  Free-Algebra Models for the pi-Calculus , 2005, FoSSaCS.

[14]  Bogdan Warinschi,et al.  Soundness of Formal Encryption in the Presence of Active Adversaries , 2004, TCC.

[15]  Adriano Valenzano,et al.  Automatic testing equivalence verification of spi calculus specifications , 2003, TSEM.

[16]  Martín Abadi,et al.  Analyzing security protocols with secrecy types and logic programs , 2002, POPL '02.

[17]  Robin Milner,et al.  Theories for the Global Ubiquitous Computer , 2004, FoSSaCS.

[18]  Lawrence C. Paulson,et al.  Inductive analysis of the Internet protocol TLS , 1999, TSEC.

[19]  John C. Mitchell,et al.  Probabilistic Bisimulation and Equivalence for Security Analysis of Network Protocols , 2004, FoSSaCS.

[20]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[21]  Andrew D. Gordon,et al.  Verified Reference Implementations of WS-Security Protocols , 2006, WS-FM.

[22]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[23]  Martín Abadi,et al.  Security Protocols: Principles and Calculi , 2007, FOSAD.

[24]  Cédric Fournet,et al.  Cryptographically verified implementations for TLS , 2008, CCS.

[25]  Véronique Cortier,et al.  Computational soundness of observational equivalence , 2008, CCS.

[26]  Rocco De Nicola,et al.  Proof techniques for cryptographic processes , 1999, Proceedings. 14th Symposium on Logic in Computer Science (Cat. No. PR00158).

[27]  David Pointcheval,et al.  Automated Security Proofs with Sequences of Games , 2006, CRYPTO.

[28]  Martín Abadi,et al.  Computer-Assisted Verification of a Protocol for Certified Email , 2003, SAS.

[29]  Andreas Podelski,et al.  Verification of cryptographic protocols: tagging enforces termination , 2003, Theor. Comput. Sci..

[30]  Vincent Danos,et al.  Reversible Communicating Systems , 2004, CONCUR.

[31]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[32]  Andrew D. Gordon,et al.  Types and effects for asymmetric cryptographic protocols , 2004 .

[33]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[34]  Alan O. Freier,et al.  The SSL Protocol Version 3.0 , 1996 .

[35]  Uwe Nestmann,et al.  Symbolic Bisimulation in the Spi Calculus , 2004, CONCUR.

[36]  Martín Abadi,et al.  Automated verification of selected equivalences for security protocols , 2008, J. Log. Algebraic Methods Program..

[37]  Carl A. Gunter,et al.  WSEmail: secure Internet messaging based on Web services , 2005, IEEE International Conference on Web Services (ICWS'05).

[38]  P. Cogn,et al.  A Computationally Sound Mechanized Prover for Security Protocols , 2009 .

[39]  Mark Ryan,et al.  Analysis of an Electronic Voting Protocol in the Applied Pi Calculus , 2005, ESOP.

[40]  Michael Backes,et al.  Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[41]  John C. Mitchell,et al.  A modular correctness proof of IEEE 802.11i and TLS , 2005, CCS '05.

[42]  Christos Faloutsos,et al.  Epidemic thresholds in real networks , 2008, TSEC.

[43]  P. S. Thiagarajan,et al.  Advances in Computing Science — ASIAN’99 , 1999, Lecture Notes in Computer Science.

[44]  Andrew D. Gordon,et al.  Types and effects for asymmetric cryptographic protocols , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[45]  John C. Mitchell,et al.  A derivation system and compositional logic for security protocols , 2005, J. Comput. Secur..

[46]  Martín Abadi,et al.  Automated verification of selected equivalences for security protocols , 2005, 20th Annual IEEE Symposium on Logic in Computer Science (LICS' 05).

[47]  Andrew D. Gordon,et al.  Provable Implementations of Security Protocols , 2006, 21st Annual IEEE Symposium on Logic in Computer Science (LICS'06).

[48]  Bogdan Warinschi,et al.  A Modular Security Analysis of the TLS Handshake Protocol , 2008, ASIACRYPT.

[49]  Hans Hüttel,et al.  Deciding Framed Bisimilarity , 2003, INFINITY.

[50]  Jean Goubault-Larrecq,et al.  Cryptographic Protocol Analysis on Real C Code , 2005, VMCAI.

[51]  Roger M. Needham The changing environment for security protocols , 1997 .

[52]  Andrew D. Gordon,et al.  Verifying policy-based security for web services , 2004, CCS '04.

[53]  Chanathip Namprempre,et al.  Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm , 2000, Journal of Cryptology.

[54]  Martín Abadi,et al.  Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)* , 2001, Journal of Cryptology.

[55]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[56]  Bruno Blanchet,et al.  Automatic proof of strong secrecy for security protocols , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[57]  Kousha Etessami,et al.  Analysis of Recursive Game Graphs Using Data Flow Equations , 2004, VMCAI.