I offer some reminiscences about work by Cathy Meadows as well as about working with and for Cathy Meadows. I also recall cryptographic protocol properties introduced in our work in the 1990s and show their applicability to analyzing novel protocols today. Specifically, I describe a recent protocol  for anonymous proof of account ownership using the novel primitive of secure channel injection (SCI). And I describe how the claim of transcript privacy for a specific SCI protocol depends on an implicit and not necessarily justified assumption of key virginity. I also discuss ways to modify the protocol to achieve intended goals.
- 1.Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2, August 2008. https://tools.ietf.org/html/rfc5246
- 4.Meadows, C.: Emerging issues and trends in formal methods in cryptographic protocol analysis: twelve years later. In: Martí-Oliet, N., Ölveczky, P.C., Talcott, C. (eds.) Logic, Rewriting, and Concurrency. LNCS, vol. 9200, pp. 475–492. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23165-5_22CrossRefzbMATHGoogle Scholar
- 6.Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3, August 2018. https://tools.ietf.org/html/rfc8446
- 8.Wang, L., Asharov, G., Pass, R., Ristenpart, T., shelat, a.: Blind certificate authorities. In: Proceedings of the 40th IEEE Symposium on Security and Privacy (S&P 2019), May 2019. https://eprint.iacr.org/2018/1022