Model Checking Security Protocols Draft Manuscript

[1]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[2]  Danny Dolev,et al.  On the Security of Public Key Protocols (Extended Abstract) , 1981, FOCS.

[3]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[4]  Richard M. Karp,et al.  On the Security of Ping-Pong Protocols , 1982, Inf. Control..

[5]  Catherine A. Meadows,et al.  Applying Formal Methods to the Analysis of a Key Management Protocol , 1992, J. Comput. Secur..

[6]  Dennis Longley,et al.  An automatic search for security flaws in key management schemes , 1992, Comput. Secur..

[7]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[8]  Leslie Lamport,et al.  The temporal logic of actions , 1994, TOPL.

[9]  Tor Helleseth,et al.  Workshop on the theory and application of cryptographic techniques on Advances in cryptology , 1994 .

[10]  Catherine A. Meadows,et al.  The NRL Protocol Analyzer: An Overview , 1996, J. Log. Program..

[11]  Franz Baader,et al.  Unification in the Union of Disjoint Equational Theories: Combining Decision Procedures , 1992, CADE.

[12]  Catherine A. Meadows,et al.  A Formal Language for Cryptographic Protocol Requirements , 1996, Des. Codes Cryptogr..

[13]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[14]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[15]  Gavin Lowe,et al.  Casper: a compiler for the analysis of security protocols , 1997, Proceedings 10th Computer Security Foundations Workshop.

[16]  John C. Mitchell,et al.  Automated analysis of cryptographic protocols using Mur/spl phi/ , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[17]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[18]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[19]  Victor Shoup,et al.  On Formal Models for Secure Key Exchange , 1999, IACR Cryptol. ePrint Arch..

[20]  Jonathan Millen A Necessarily Parallel Attack , 1999 .

[21]  David A. Basin Lazy Infinite-State Analysis of Security Protocols , 1999, CQRE.

[22]  Catherine A. Meadows,et al.  Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[23]  Dawn Xiaodong Song Athena: a new efficient automatic checker for security protocol analysis , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[24]  Chang Liu,et al.  Term rewriting and all that , 2000, SOEN.

[25]  Joshua D. Guttman,et al.  Protocol independence through disjoint encryption , 2000, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13.

[26]  Somesh Jha,et al.  Verifying security protocols with Brutus , 2000, TSEM.

[27]  Anna Philippou,et al.  Tools and Algorithms for the Construction and Analysis of Systems , 2018, Lecture Notes in Computer Science.

[28]  Michaël Rusinowitch,et al.  Protocol insecurity with finite number of sessions is NP-complete , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[29]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[30]  Vitaly Shmatikov,et al.  Constraint solving for bounded-process cryptographic protocol analysis , 2001, CCS '01.

[31]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[32]  Harald Ganzinger,et al.  Automated complexity analysis based on ordered resolution , 2001, JACM.

[33]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[34]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[35]  Adrian Perrig,et al.  Secure broadcast communication in wired and wireless networks , 2002 .

[36]  Vitaly Shmatikov,et al.  Analysis of probabilistic contract signing , 2002, J. Comput. Secur..

[37]  Jonathan K. Millen,et al.  On the freedom of decryption , 2003, Inf. Process. Lett..

[38]  Enrico Tronci,et al.  Correct Hardware Design and Verification Methods , 2003, Lecture Notes in Computer Science.

[39]  Xu Mei Internet Key Exchange , 2003 .

[40]  Sebastian Mödersheim,et al.  OFMC: A symbolic model checker for security protocols , 2005, International Journal of Information Security.

[41]  Martín Abadi,et al.  Deciding knowledge in security protocols under equational theories , 2004, Theor. Comput. Sci..

[42]  Gavin Lowe,et al.  Analysing a stream authentication protocol using model checking , 2002, International Journal of Information Security.

[43]  John C. Mitchell,et al.  Multiset rewriting and the complexity of bounded security protocols , 2004, J. Comput. Secur..

[44]  Catherine A. Meadows,et al.  Formal specification and analysis of the Group Domain Of Interpretation Protocol using NPATRL and the NRL Protocol Analyzer , 2004, J. Comput. Secur..

[45]  Vitaly Shmatikov Probabilistic analysis of an anonymity system , 2004, J. Comput. Secur..

[46]  Alessandro Armando,et al.  SATMC: a SAT-based model checker for security protocols, business processes, and security APIs , 2004, International Journal on Software Tools for Technology Transfer.

[47]  Sebastian Mödersheim,et al.  Algebraic Intruder Deductions , 2005, LPAR.

[48]  Véronique Cortier,et al.  Computationally sound implementations of equational theories against passive adversaries , 2005, Inf. Comput..

[49]  Luca Viganò,et al.  Automated Security Protocol Analysis With the AVISPA Tool , 2006, MFPS.

[50]  Sandro Etalle,et al.  Analysing Password Protocol Security Against Off-line Dictionary Attacks , 2003, WISP@ICATPN.

[51]  Stéphanie Delaune,et al.  The Finite Variant Property: How to Get Rid of Some Algebraic Properties , 2005, RTA.

[52]  Martín Abadi,et al.  Automated verification of selected equivalences for security protocols , 2005, 20th Annual IEEE Symposium on Logic in Computer Science (LICS' 05).

[53]  Birgit Pfitzmann,et al.  Limits of the Cryptographic Realization of Dolev-Yao-Style XOR , 2005, ESORICS.

[54]  Andrea Maggiolo-Schettini,et al.  Automatic Analysis of a Non-Repudiation Protocol , 2005, Electron. Notes Theor. Comput. Sci..

[55]  Mathieu Baudet,et al.  Deciding security of protocols against off-line guessing attacks , 2005, CCS '05.

[56]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[57]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[58]  Birgit Pfitzmann,et al.  Limits of the BRSIM/UC Soundness of Dolev-Yao Models with Hashes , 2006, ESORICS.

[59]  Martín Abadi,et al.  Guessing attacks and the computational soundness of static equivalence , 2006, J. Comput. Secur..

[60]  Alessandro Armando,et al.  SAT-based model-checking for security protocols analysis , 2008, International Journal of Information Security.

[61]  José Meseguer,et al.  Maude-NPA: Cryptographic Protocol Analysis Modulo Equational Properties , 2009, FOSAD.

[62]  Birgit Pfitzmann,et al.  The reactive simulatability (RSIM) framework for asynchronous systems , 2007, Inf. Comput..

[63]  Narciso Martí-Oliet,et al.  All About Maude - A High-Performance Logical Framework, How to Specify, Program and Verify Systems in Rewriting Logic , 2007, All About Maude.

[64]  Radha Poovendran,et al.  Distance Bounding Protocols: Authentication Logic Analysis and Collusion Attacks , 2007, Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks.

[65]  Cas J. F. Cremers,et al.  The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols , 2008, CAV.

[66]  José Meseguer,et al.  Variant Narrowing and Equational Unification , 2009, WRLA.

[67]  Stig Fr. Mjølsnes,et al.  A framework for compositional verification of security protocols , 2006, Inf. Comput..

[68]  Andrew D. Gordon,et al.  Verified implementations of the information card federated identity-management protocol , 2008, ASIACCS '08.

[69]  Srdjan Capkun,et al.  Let's Get Physical: Models and Methods for Real-World Security Protocols , 2009, TPHOLs.

[70]  Srdjan Capkun,et al.  Modeling and Verifying Physical Properties of Security Protocols for Wireless Networks , 2009, 2009 22nd IEEE Computer Security Foundations Symposium.

[71]  Bruno Blanchet,et al.  Automatic verification of correspondences for security protocols , 2008, J. Comput. Secur..

[72]  Ralf Küsters,et al.  Using ProVerif to Analyze Protocols with Diffie-Hellman Exponentiation , 2009, 2009 22nd IEEE Computer Security Foundations Symposium.

[73]  Paul E. Hoffman,et al.  Internet Key Exchange Protocol Version 2 (IKEv2) , 2010, RFC.

[74]  Reducing Protocol Analysis with XOR to the XOR-Free Case in the Horn Theory Based Approach , 2008, Journal of Automated Reasoning.

[75]  David A. Basin,et al.  Modeling and Analyzing Security in the Presence of Compromising Adversaries , 2010, ESORICS.

[76]  David A. Basin,et al.  Degrees of Security: Protocol Guarantees in the Face of Compromising Adversaries , 2010, CSL.

[77]  Véronique Cortier,et al.  A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems , 2011, Journal of Automated Reasoning.

[78]  D. Basin,et al.  Efficient decision procedures for message deducibility and static equivalence , 2010 .

[79]  Vipin Swarup,et al.  Metric Strand Spaces for Locale Authentication Protocols , 2010, IFIPTM.

[80]  Stéphanie Delaune,et al.  Computing Knowledge in Security Protocols Under Convergent Equational Theories , 2010, Journal of Automated Reasoning.

[81]  Mark Ryan,et al.  Election Verifiability in Electronic Voting Protocols , 2010, ESORICS.

[82]  Sebastian Mödersheim,et al.  Constraint differentiation: Search-space reduction for the constraint-based analysis of security protocols , 2010, J. Comput. Secur..

[83]  Cas J. F. Cremers,et al.  Key Exchange in IPsec Revisited: Formal Analysis of IKEv1 and IKEv2 , 2011, ESORICS.

[84]  David A. Basin,et al.  Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[85]  David Basin,et al.  Provably repairing the ISO/IEC 9798 standard for entity authentication , 2013, J. Comput. Secur..

[86]  Véronique Cortier,et al.  YAPA: A Generic Tool for Computing Intruder Knowledge , 2009, TOCL.