Protocol-independent secrecy

@article{Millen2000ProtocolindependentS,
  title={Protocol-independent secrecy},
  author={J. Millen and H. Ruess},
  journal={Proceeding 2000 IEEE Symposium on Security and Privacy. S\&P 2000},
  year={2000},
  pages={110-119}
}
  • J. Millen, H. Ruess
  • Published 2000
  • Computer Science
  • Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000
Inductive proofs of secrecy invariants for cryptographic protocols can be facilitated by separating the protocol-dependent part from the protocol-independent part. Our secrecy theorem encapsulates the use of induction so that the discharge of protocol-specific proof obligations is reduced to first-order reasoning. Also, the verification conditions are modularly associated with the protocol messages. Secrecy proofs for Otway-Rees (1987) and the corrected Needham-Schroeder protocol are given.
Proving secrecy is easy enough
TLDR
A systematic proof procedure for establishing secrecy results for cryptographic protocols that is sound but incomplete in that it may fail to establish secrecy for some secure protocols, but it is amenable to mechanization, and it also has a convenient visual representation.
Secrecy correctness for security protocols
  • K. Adi, L. Pene
  • Computer Science
  • First International Conference on Distributed Frameworks for Multimedia Applications
  • 2005
TLDR
This paper examines the possible behavior of the intruder and draws conclusions about how his knowledge evolves and what actions he can take to gain as much information as possible for building winning strategies for an attack.
An Isabelle formalization of protocol-independent secrecy with an application to e-commerce
TLDR
A protocol-independent secrecy theorem is established and applied to several non-trivial protocols proposed for protecting the computation results of free-roaming mobile agents doing comparison shopping and provides a library of general theorems that can be applied to other protocols.
Secrecy types for asymmetric communication
TLDR
A typed process calculus for security protocols in which types convey secrecy properties is developed, especially on public-key encryption, focusing on asymmetric communication primitives.
Secrecy Types for Asymmetric Communication
TLDR
A typed process calculus for security protocols in which types convey secrecy properties is developed, especially on public-key encryption, which presents special difficulties on asymmetric communication primitives.
Secrecy Types for Asymmetric Communication
We develop a typed process calculus for security protocols in which types convey secrecy properties. We focus on asymmetric communication primitives, especially on public-key encryption. These ...
Automating and Simplifying Agreement and Secrecy Verification using PVS
In this thesis we present a system for assisting with theorem proving of security protocols. The desirability of theorem proving is examined and a method of automating the encoding, and some sections ...
Automating and Simplifying Agreement and Secrecy Verification using PVS
TLDR
The desirability of theorem proving is examined and a method of automating the encoding, and some sections of the proof, are demonstrated, and a system for assisting with theorem proving of security protocols is presented.
An approach to prove confidentiality of cryptographic protocols with non-atomic keys
We propose an approach to prove confidentiality of non-atomic key cryptographic protocols based on Dolev-Yao model in this paper. We use graph to make the analysis more intuitional. Moreover, our ...
Towards a Logic for Verification of Security Protocols
TLDR
The verification of cryptographic protocols has been intensively studied these last years and a first step towards formal proofs of protocols was to define formal models used to express the semantics of the protocols and sometimes their properties.

References

SHOWING 1-10 OF 13 REFERENCES
Verifying Authentication Protocols in CSP
TLDR
The paper aims to develop a specific theory appropriate to the analysis of authentication protocols, built on top of the general CSP semantic framework.
The Inductive Approach to Verifying Cryptographic Protocols
Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state ...
Honest ideals on strand spaces
TLDR
The authors introduce the notion of an ideal (a set of messages closed under encryption and invariant under composition with arbitrary messages) to express principles to prove bounds on a penetrator's capabilities, independent of the security protocol being analyzed.
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
  • G. Lowe
  • Computer Science
  • Softw. Concepts Tools
  • 1996
TLDR
This paper uses FDR, a refinement checker for CSP to discover an attack upon the Needham-Schroeder Public-Key Protocol, which allows an intruder to impersonate another agent, and adapt the protocol, and uses FDR to show that the new protocol is secure, at least for a small system.
A logic of authentication
TLDR
This paper describes the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication, and gives the results of the analysis of four published protocols.
Efficient and timely mutual authentication
TLDR
A protocol for efficient mutual authentication (via a mutually trusted third party) that assures both principal parties of the timeliness of the interaction without the use of clocks or double encipherment is described.
Reasoning about belief in cryptographic protocols
  • L. Gong, R. Needham, R. Yahalom
  • Computer Science
  • Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1990
TLDR
A mechanism is presented for reasoning about belief as a systematic way to understand the working of cryptographic protocols and places a strong emphasis on the separation between the content and the meaning of messages.
A Necessarily Parallel Attack
TLDR
It is proved that a parallel attack is necessary, because the protocol is shown to be secure under non-parallel attacks, and an inductive approach is used in the PVS verification environment.
Undecidability of bounded security protocols
Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR
  • In Proceedings of TACAS
  • 1996