• Publications
  • Influence
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols
  • C. Cremers
  • Computer Science, Mathematics
    CAV
  • 7 July 2008
TLDR
The most effective approach so far has been automated falsification or verification of such protocols with state-of-the-art tools such as ProVerif or the Avispa tools, which have shown to be effective at finding attacks on protocols or establishing correctness of protocols.
The TAMARIN Prover for the Symbolic Analysis of Security Protocols
The Tamarin prover supports the automated, unbounded, symbolic analysis of security protocols. It features expressive languages for specifying protocols, adversary models, and properties, and support
Decentralized Privacy-Preserving Proximity Tracing
TLDR
This system, referred to as DP3T, provides a technological foundation to help slow the spread of SARS-CoV-2 by simplifying and accelerating the process of notifying people who might have been exposed to the virus so that they can take appropriate measures to break its transmission chain.
Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties
TLDR
A general approach for the symbolic analysis of security protocols that use Diffie-Hellman exponentiation to achieve advanced security properties using a novel constraint-solving algorithm that supports both falsification and verification, even in the presence of an unbounded number of protocol sessions.
A Formal Security Analysis of the Signal Messaging Protocol
TLDR
This work extracts from the implementation a formal description of the abstract protocol, and defines a security model which can capture the "ratcheting" key update structure, and proves the security of Signal's core in this model, demonstrating several standard security properties.
ARPKI: Attack Resilient Public-Key Infrastructure
TLDR
ARPKI is the first such infrastructure that systematically takes into account requirements identified by previous research, and it is co-designed with a formal model, and its core security property is verified using the Tamarin prover.
Key Exchange in IPsec Revisited: Formal Analysis of IKEv1 and IKEv2
  • C. Cremers
  • Computer Science
    ESORICS
  • 12 September 2011
TLDR
While no significant weaknesses are found on the secrecy of the session keys established by IKE, several previously unreported weaknesses on the authentication properties of IKE are found.
Distance Hijacking Attacks on Distance Bounding Protocols
TLDR
A formal framework for reasoning about distance bounding protocols is extended to include overshadowing attacks, and it is used to prove the absence of all of the found attacks for protocols to which countermeasures have been applied.
On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees
TLDR
This work presents a design called Asynchronous Ratcheting Trees (ART), which uses tree-based Diffie-Hellman key exchange to allow a group of users to derive a shared symmetric key even if no two are ever online at the same time.
Operational Semantics and Verification of Security Protocols
  • C. Cremers, S. Mauw
  • Computer Science, Mathematics
    Information Security and Cryptography
  • 30 October 2012
TLDR
A tool set called Scyther is developed that can automatically find attacks on security protocols or prove their correctness and is ideally suited both for researchers and graduate students of information security or formal methods and for advanced professionals designing critical security protocols.
...
...