#### Filter Results:

- Full text PDF available (21)

#### Publication Year

2005

2017

- This year (1)
- Last 5 years (10)
- Last 10 years (22)

#### Publication Type

#### Co-author

#### Journals and Conferences

#### Key Phrases

Learn More

- Benedikt Schmidt, Ralf Sasse, Cas J. F. Cremers, David A. Basin
- 2014 IEEE Symposium on Security and Privacy
- 2014

We advance the state-of-the-art in automated symbolic cryptographic protocol analysis by providing the first algorithm that can handle Diffie-Hellman exponentiation, bilinear pairing, and AC-operators. Our support for AC-operators enables protocol specifications to use multisets, natural numbers, and finite maps. We implement the algorithm in the TAMARIN… (More)

- David A. Basin, Cas J. F. Cremers, Tiffany Hyun-Jin Kim, Adrian Perrig, Ralf Sasse, Pawel Szalachowski
- ACM Conference on Computer and Communications…
- 2014

We present ARPKI, a public-key infrastructure that ensures that certificate-related operations, such as certificate issuance, update, revocation, and validation, are transparent and accountable. ARPKI is the first such infrastructure that systematically takes into account requirements identified by previous research. Moreover, ARPKI is co-designed with a… (More)

- Santiago Escobar, José Meseguer, Ralf Sasse
- RTA
- 2008

An equational theory decomposed into a set B of equational axioms and a set Δ of rewrite rules has the finite variant (FV) property in the sense of Comon-Lundh and Delaune iff for each term t there is a finite set {t1,. .. , tn} of →Δ,B-normalized instances of t so that any instance of t normalizes to an instance of some ti modulo B. This is a very useful… (More)

- David A. Basin, Jannik Dreier, Ralf Sasse
- ACM Conference on Computer and Communications…
- 2015

Many cryptographic security definitions can be naturally formulated as observational equivalence properties. However, existing automated tools for verifying the observational equivalence of cryptographic protocols are limited: they do not handle protocols with mutable state and an unbounded number of sessions. We propose a novel definition of observational… (More)

- Ravinder Shankesi, Musab AlTurki, Ralf Sasse, Carl A. Gunter, José Meseguer
- ESORICS
- 2009

Current techniques for the formal modeling analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a model-checking technique for… (More)

- Santiago Escobar, José Meseguer, Ralf Sasse
- Electr. Notes Theor. Comput. Sci.
- 2009

Narrowing is a well-known complete procedure for equational E-unification when E can be decomposed as a union E = ∆ B with B a set of axioms for which a finitary unification algorithm exists, and ∆ a set of confluent, terminating, and B-coherent rewrite rules. However, when B = ∅, effective narrowing strategies such as basic narrowing easily fail to be… (More)

- Ralf Sasse, José Meseguer
- Electr. Notes Theor. Comput. Sci.
- 2007

Investigate modularity and extensibility of programming languages Hoare logics Source-code level reasoning. Generic and modular program logics wanted. Develop theorem proving technology on top of the logics. This case study is a first step in this direction. Hoare logic for this programming language with side-effects, mathematically justified. ASIP+ITP We… (More)

- Wolfgang Ahrendt, Andreas Roth, Ralf Sasse
- LPAR
- 2005

This paper presents a methodology for automatically validating program transformation rules that are part of a calculus for Java source code verification. We target the Java Dynamic Logic calculus which is implemented in the interactive prover of the KeY system. As a basis for validation, we take an existing SOS style rewriting logic semantics for Java,… (More)

- Serdar Erbatur, Santiago Escobar, +7 authors Ralf Sasse
- CADE
- 2013

We present a new paradigm for unification arising out of a technique commonly used in cryptographic protocol analysis tools that employ unification modulo equational theories. This paradigm relies on: (i) a decomposition of an equational theory into (R, E) where R is conflu-ent, terminating, and coherent modulo E, and (ii) on reducing unification problems… (More)

- Serdar Erbatur, Santiago Escobar, +7 authors Ralf Sasse
- ESORICS
- 2012

We address a problem that arises in cryptographic protocol analysis when the equational properties of the cryptosystem are taken into account: in many situations it is necessary to guarantee that certain terms generated during a state exploration are in normal form with respect to the equational theory. We give a tool-independent methodology for state… (More)