Is the Verification Problem for Cryptographic Protocols Solved?

  • Giampaolo Bella
  • Cristiano Longo
  • Lawrence C. Paulson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3364)


Experience gained in the formal verification of cryptographic protocols is discussed. Many protocols have been analysed successfully thus far, but emerging goals may raise new challenges. However, existing formal approaches appear to be sufficiently scalable.


Smart Card Security Protocol Trusted Third Party Cryptographic Protocol High Order Logic 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Glew, N., Horne, B., Pinkas, B.: Certified email with a light on-line trusted third party: Design and implementation. In: Proceedings of the 11th International Conference on Wold Wide Web (WWW 2002). ACM Press and Addison Wesley (2002)Google Scholar
  2. 2.
    Abadi, M., Rogaway, P.: Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology 15, 103–127 (2002)zbMATHMathSciNetGoogle Scholar
  3. 3.
    Abdallah, A., Ryan, P., Schneider, S. (eds.): Formal Aspects of Security, Technical Report CSD-TR-02-13 (2002)Google Scholar
  4. 4.
    Backes, M., Pfitzmann, B., Waidner, M.: A universally composable cryptographic library. preprint, IBM Zürich Research Laboratory (2003)Google Scholar
  5. 5.
    Bella, G.: Inductive verification of smart card protocols. J. of Comp. Sec. 11(1), 87–132 (2003)Google Scholar
  6. 6.
    Bella, G., Longo, C., Paulson, L.C.: Verifying second-level security protocols. In: Basin, D., Wolff, B. (eds.) TPHOLs 2003. LNCS, vol. 2758, pp. 352–366. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Bella, G., Massacci, F., Paulson, L.C.: The verification of an industrial payment protocol: The SET purchase phase. In: Atluri, V. (ed.) 9th ACM Conference on Computer and Communications Security, pp. 12–20. ACM Press, New York (2002)CrossRefGoogle Scholar
  8. 8.
    Bella, G., Paulson, L.C.: Kerberos version IV: Inductive analysis of the secrecy goals. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 361–375. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  9. 9.
    Bella, G., Paulson, L.C.: Mechanical proofs about a non-repudiation protocol. In: Boulton, R.J., Jackson, P.B. (eds.) TPHOLs 2001. LNCS, vol. 2152, pp. 91–104. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. Proceedings of the Royal Society of London 426, 233–271 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Cohen, E.: TAPS: A first-order verifier for cryptographic protocols. In: Proc. of the 13th IEEE Comp. Sec. Found. Workshop, pp. 144–158. IEEE Comp. Society Press, Los Alamitos (2000)CrossRefGoogle Scholar
  12. 12.
    Gürgens, S., Rudolph, C.: Security analysis of (un-) fair non-repudiation protocols. In: Abdallah, et al. (eds.) [3] Technical Report CSD-TR-02-13Google Scholar
  13. 13.
    Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using CSP and FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)Google Scholar
  14. 14.
    Lowe, G., Roscoe, B.: Using CSP to Detect Errors in the TMN Protocol. IEEE Trans. on Software Engineering 3(10) (1997)Google Scholar
  15. 15.
    Needham, R.M., Schroeder, M.: Using encryption for authentication in large networks of computers. Comm. of the ACM 21(12), 993–999 (1978)zbMATHCrossRefGoogle Scholar
  16. 16.
    Norman, G., Shmatikov, V.: Analysis of probabilistic contract signing. In: Abdallah, et al. (eds.) [3] Technical Report CSD-TR-02-13 Google Scholar
  17. 17.
    Paulson, L.C.: The inductive approach to verifying cryptographic protocols. J. of Comp. Sec. 6, 85–128 (1998)Google Scholar
  18. 18.
    Paulson, L.C.: Inductive analysis of the internet protocol TLS. ACM Trans. on Inform. and Sys. Sec. 2(3), 332–351 (1999)CrossRefGoogle Scholar
  19. 19.
    Zhou, J., Gollmann, D.: A fair non-repudiation protocol. In: Symposium on Security and Privacy. IEEE Computer Society, Los Alamitos (1996)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Giampaolo Bella
    • 1
    • 2
  • Cristiano Longo
    • 2
  • Lawrence C. Paulson
    • 1
  1. 1.Computer LaboratoryUniversity of CambridgeCambridgeUK
  2. 2.Dipartimento di Matematica e InformaticaUniversità di CataniaCataniaItaly

Personalised recommendations