Attack trees have found their way to practice because they have proved to be an intuitive aid in threat analysis. Despite, or perhaps thanks to, their apparent simplicity, they have not yet been provided with an unambiguous semantics. We argue that such a formal interpretation is indispensable to precisely understand how attack trees can be manipulated…
We study High-level Message Sequence Charts – a concept incorporated into MSC96 for composing MSCs explicitly. A formal semantics is given which extends the accepted process algebra semantics of MSC92. We assess the language by studying a simple example, which leads us to consider the extension of HMSC with gates.
We introduce and give formal definitions of attack–defense trees. We argue that these trees are a simple, yet powerful tool to analyze complex security and privacy problems. Our formalization is generic in the sense that it supports different semantical approaches. We present several semantics for attack–defense trees along with usage scenarios, and we show…
This paper introduces an asynchronous optimistic certified email protocol, with stateless recipients, that relies on key chains to considerably reduce the storage requirements of the trusted third party. The proposed protocol thereby outperforms the existing schemes that achieve strong fairness. The paper also discusses the revocation of compromised keys as…
Recently the ITU standardised specification language Message Sequence Chart MSC IT has been extended with constructs for more complete and structured specifications. The new version of the language is called MSC. Currently research is performed on the extension of the old formal semantics towards a semantics for MSC. Ideally the development of a language and its…
We give an intuitive formal definition of untraceability in the standard Dolev-Yao intruder model, inspired by existing definitions of anonymity. We show how to verify whether communication protocols satisfy the untraceability property and apply our methods to known RFID protocols. We show a previously unknown attack on a published RFID protocol and use our…
Based on a concise domain analysis we develop a formal semantics of security protocols. Its main virtue is that it is a generic model, in the sense that it is parameterized over e.g. the intruder model. Further characteristics of the model are a straightforward handling of parallel execution of multiple protocols, locality of security claims, the binding of…