International Conference on Principles of Security and Trust

POST 2012: Principles of Security and Trust pp 3–29

Security Protocol Verification: Symbolic and Computational Models

  • Bruno Blanchet
  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC, volume 7215)

Abstract

Security protocol verification has been a very active research area since the 1990s. This paper surveys various approaches in this area, considering the verification in the symbolic model, as well as the more recent approaches that rely on the computational model or that verify protocol implementations rather than specifications. Additionally, we briefly describe our symbolic security protocol verifier ProVerif and situate it among these approaches.

Keywords

  • Security Protocol
  • Security Property
  • Computer Security
  • Symbolic Model
  • Horn Clause


References

  1. Abadi, M.: Secrecy by typing in security protocols. Journal of the ACM 46(5), 749–786 (1999)

    MathSciNet  MATH  Google Scholar 

  2. Abadi, M., Blanchet, B.: Analyzing security protocols with secrecy types and logic programs. Journal of the ACM 52(1), 102–146 (2005)

    MathSciNet  MATH  Google Scholar 

  3. Abadi, M., Blanchet, B.: Computer-assisted verification of a protocol for certified email. Science of Computer Programming 58(1-2), 3–27 (2005)

    MathSciNet  MATH  Google Scholar 

  4. Abadi, M., Blanchet, B., Fournet, C.: Just Fast Keying in the pi calculus. ACM TISSEC 10(3), 1–59 (2007)

    Google Scholar 

  5. Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: POPL 2001, pp. 104–115. ACM, New York (2001)

    Google Scholar 

  6. Abadi, M., Gordon, A.D.: A bisimulation method for cryptographic protocols. Nordic Journal of Computing 5(4), 267–303 (1998)

    MathSciNet  MATH  Google Scholar 

  7. Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148(1), 1–70 (1999)

    MathSciNet  MATH  Google Scholar 

  8. Abadi, M., Rogaway, P.: Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology 15(2), 103–127 (2002)

    MathSciNet  MATH  Google Scholar 

  9. Abdalla, M., Fouque, P.A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. IEE Proceedings Information Security 153(1), 27–39 (2006)

    Google Scholar 

  10. Adão, P., Bana, G., Herzog, J., Scedrov, A.: Soundness of Formal Encryption in the Presence of Key-Cycles. In: de Capitani di Vimercati, S., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 374–396. Springer, Heidelberg (2005)

    Google Scholar 

  11. Affeldt, R., Nowak, D., Yamada, K.: Certifying assembly with formal cryptographic proofs: the case of BBS. In: AVoCS 2009. Electronic Communications of the EASST, vol. 23. EASST (2009)

    Google Scholar 

  12. Aizatulin, M., Gordon, A.D., Jürjens, J.: Extracting and verifying cryptographic models from C protocol code by symbolic execution. In: CCS 2011, pp. 331–340. ACM, New York (2011)

    Google Scholar 

  13. Allamigeon, X., Blanchet, B.: Reconstruction of attacks against cryptographic protocols. In: CSFW 2005, pp. 140–154. IEEE, Los Alamitos (2005)

    Google Scholar 

  14. Arapinis, M., Duflot, M.: Bounding Messages for Free in Security Protocols. In: Arvind, V., Prasad, S. (eds.) FSTTCS 2007. LNCS, vol. 4855, pp. 376–387. Springer, Heidelberg (2007)

    Google Scholar 

  15. Arapinis, M., Ritter, E., Ryan, M.D.: StatVerif: Verification of stateful processes. In: CSF 2011, pp. 33–47. IEEE, Los Alamitos (2011)

    Google Scholar 

  16. Armando, A., Compagna, L., Ganty, P.: SAT-Based Model-Checking of Security Protocols Using Planning Graph Analysis. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 875–893. Springer, Heidelberg (2003)

    Google Scholar 

  17. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Heám, P.C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)

    Google Scholar 

  18. Bachmair, L., Ganzinger, H.: Resolution theorem proving. In: Handbook of Automated Reasoning, vol. 1, ch. 2, pp. 19–100. North-Holland (2001)

    Google Scholar 

  19. Backes, M., Cortesi, A., Maffei, M.: Causality-based abstraction of multiplicity in security protocols. In: CSF 2007, pp. 355–369. IEEE, Los Alamitos (2007)

    Google Scholar 

  20. Backes, M., Hofheinz, D., Unruh, D.: CoSP: A general framework for computational soundness proofs. In: CCS 2009, pp. 66–78. ACM, New York (2009)

    Google Scholar 

  21. Backes, M., Hritcu, C., Maffei, M.: Automated verification of remote electronic voting protocols in the applied pi-calculus. In: CSF 2008, pp. 195–209. IEEE, Los Alamitos (2008)

    Google Scholar 

  22. Backes, M., Laud, P.: Computationally sound secrecy proofs by mechanized flow analysis. In: CCS 2006, pp. 370–379. ACM, New York (2006)

    Google Scholar 

  23. Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: IEEE Symposium on Security and Privacy, pp. 202–215. IEEE, Los Alamitos (2008)

    Google Scholar 

  24. Backes, M., Maffei, M., Unruh, D.: Computationally sound verification of source code. In: CCS 2010, pp. 387–398. ACM, New York (2010)

    Google Scholar 

  25. Backes, M., Pfitzmann, B.: Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In: CSFW 2004, pp. 204–218. IEEE, Los Alamitos (2004)

    Google Scholar 

  26. Backes, M., Pfitzmann, B.: Relating symbolic and cryptographic secrecy. IEEE Transactions on Dependable and Secure Computing 2(2), 109–123 (2005)

    Google Scholar 

  27. Backes, M., Pfitzmann, B., Waidner, M.: A composable cryptographic library with nested operations. In: CCS 2003, pp. 220–230. ACM, New York (2003)

    Google Scholar 

  28. Backes, M., Pfiztmann, B., Scedrov, A.: Key-dependent message security under active attacks—BRSIM/UC soundness of symbolic encryption with key cycles. In: CSF 2007, pp. 112–124. IEEE, Los Alamitos (2007)

    Google Scholar 

  29. Backes, M., Unruh, D.: Computational soundness of symbolic zero-knowledge proofs against active attackers. In: CSF 2008, pp. 255–269. IEEE, Los Alamitos (2008)

    Google Scholar 

  30. Barthe, G., Daubignard, M., Kapron, B., Lakhnech, Y.: Computational indistinguishability logic. In: CCS 2010, pp. 375–386. ACM, New York (2010)

    Google Scholar 

  31. Barthe, G., Grégoire, B., Lakhnech, Y., Zanella Béguelin, S.: Beyond Provable Security Verifiable IND-CCA Security of OAEP. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 180–196. Springer, Heidelberg (2011)

    Google Scholar 

  32. Barthe, G., Grégoire, B., Heraud, S., Zanella Béguelin, S.: Formal Certification of ElGamal Encryption. A Gentle Introduction to CertiCrypt. In: Degano, P., Guttman, J., Martinelli, F. (eds.) FAST 2008. LNCS, vol. 5491, pp. 1–19. Springer, Heidelberg (2009)

    Google Scholar 

  33. Barthe, G., Grégoire, B., Heraud, S., Béguelin, S.Z.: Computer-Aided Security Proofs for the Working Cryptographer. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 71–90. Springer, Heidelberg (2011)

    Google Scholar 

  34. Barthe, G., Grégoire, B., Zanella, S.: Formal certification of code-based cryptographic proofs. In: POPL 2009, pp. 90–101. ACM, New York (2009)

    Google Scholar 

  35. Basin, D., Mödersheim, S., Viganò, L.: An On-the-Fly Model-Checker for Security Protocol Analysis. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 253–270. Springer, Heidelberg (2003)

    Google Scholar 

  36. Baudet, M.: Sécurité des protocoles cryptographiques: aspects logiques et calculatoires. Ph.D. thesis, Ecole Normale Supérieure de Cachan (2007)

    Google Scholar 

  37. Béguelin, S.Z., Barthe, G., Heraud, S., Grégoire, B., Hedin, D.: A machine-checked formalization of sigma-protocols. In: CSF 2010, pp. 246–260. IEEE, Los Alamitos (2010)

    Google Scholar 

  38. Béguelin, S.Z., Grégoire, B., Barthe, G., Olmedo, F.: Formally certifying the security of digital signature schemes. In: IEEE Symposium on Security and Privacy, pp. 237–250. IEEE, Los Alamitos (2009)

    Google Scholar 

  39. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS 1997, pp. 394–403. IEEE, Los Alamitos (1997)

    Google Scholar 

  40. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Google Scholar 

  41. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Google Scholar 

  42. Bellare, M., Rogaway, P.: The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409–426. Springer, Heidelberg (2006)

    Google Scholar 

  43. Bengtson, J., Bhargavan, K., Fournet, C., Gordon, A., Maffeis, S.: Refinement types for secure implementations. ACM TOPLAS 33(2) (2011)

    Google Scholar 

  44. Bhargavan, K., Corin, R., Fournet, C., Zălinescu, E.: Cryptographically verified implementations for TLS. In: CCS 2008, pp. 459–468. ACM, New York (2008)

    Google Scholar 

  45. Bhargavan, K., Fournet, C., Gordon, A.: Modular verification of security protocol code by typing. In: POPL 2010, pp. 445–456. ACM, New York (2010)

    Google Scholar 

  46. Bhargavan, K., Fournet, C., Gordon, A., Tse, S.: Verified interoperable implementations of security protocols. ACM TOPLAS 31(1) (2008)

    Google Scholar 

  47. Bhargavan, K., Fournet, C., Gordon, A.D., Pucella, R.: TulaFale: A Security Tool for Web Services. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2003. LNCS, vol. 3188, pp. 197–222. Springer, Heidelberg (2004)

    Google Scholar 

  48. Blanchet, B.: Automatic verification of cryptographic protocols: A logic programming approach. In: PPDP 2003, pp. 1–3. ACM, New York (2003)

    Google Scholar 

  49. Blanchet, B.: Automatic proof of strong secrecy for security protocols. In: IEEE Symposium on Security and Privacy, pp. 86–100. IEEE, Los Alamitos (2004)

    Google Scholar 

  50. Blanchet, B.: Security protocols: From linear to classical logic by abstract interpretation. Information Processing Letters 95(5), 473–479 (2005)

    MathSciNet  MATH  Google Scholar 

  51. Blanchet, B.: Computationally sound mechanized proofs of correspondence assertions. In: CSF 2007, pp. 97–111. IEEE, Los Alamitos (2007)

    Google Scholar 

  52. Blanchet, B.: A computationally sound mechanized prover for security protocols. IEEE Transactions on Dependable and Secure Computing 5(4), 193–207 (2008)

    Google Scholar 

  53. Blanchet, B.: Automatic verification of correspondences for security protocols. Journal of Computer Security 17(4), 363–434 (2009)

    Google Scholar 

  54. Blanchet, B.: Using Horn clauses for analyzing security protocols. In: Cortier, V., Kremer, S. (eds.) Formal Models and Techniques for Analyzing Security Protocols. Cryptology and Information Security Series, vol. 5, pp. 86–111. IOS Press, Amsterdam (2011)

    Google Scholar 

  55. Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming 75(1), 3–51 (2008)

    MathSciNet  MATH  Google Scholar 

  56. Blanchet, B., Chaudhuri, A.: Automated formal analysis of a protocol for secure file sharing on untrusted storage. In: IEEE Symposium on Security and Privacy, pp. 417–431. IEEE, Los Alamitos (2008)

    Google Scholar 

  57. Blanchet, B., Jaggard, A.D., Scedrov, A., Tsay, J.K.: Computationally sound mechanized proofs for basic and public-key Kerberos. In: ASIACCS 2008, pp. 87–99. ACM, New York (2008)

    Google Scholar 

  58. Blanchet, B., Podelski, A.: Verification of cryptographic protocols: Tagging enforces termination. Theoretical Computer Science 333(1-2), 67–90 (2005)

    MathSciNet  MATH  Google Scholar 

  59. Blanchet, B., Pointcheval, D.: Automated Security Proofs with Sequences of Games. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 537–554. Springer, Heidelberg (2006)

    Google Scholar 

  60. Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.R.: Automatic validation of protocol narration. In: CSFW 2003, pp. 126–140. IEEE, Los Alamitos (2003)

    Google Scholar 

  61. Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.R.: Static validation of security protocols. Journal of Computer Security 13(3), 347–390 (2005)

    Google Scholar 

  62. Bodei, C., Degano, P., Nielson, F., Nielson, H.R.: Flow logic for Dolev-Yao secrecy in cryptographic processes. Future Generation Comp. Syst. 18(6), 747–756 (2002)

    MATH  Google Scholar 

  63. Boichut, Y., Kosmatov, N., Vigneron, L.: Validation of Prouvé protocols using the automatic tool TA4SP. In: TFIT 2006, pp. 467–480 (2006)

    Google Scholar 

  64. Bolignano, D.: Towards a Mechanization of Cryptographic Protocol Verification. In: Grumberg, O. (ed.) CAV 1997. LNCS, vol. 1254, pp. 131–142. Springer, Heidelberg (1997)

    Google Scholar 

  65. Borgström, J., Briais, S., Nestmann, U.: Symbolic Bisimulation in the Spi Calculus. In: Gardner, P., Yoshida, N. (eds.) CONCUR 2004. LNCS, vol. 3170, pp. 161–176. Springer, Heidelberg (2004)

    Google Scholar 

  66. Bozga, L., Lakhnech, Y., Périn, M.: Pattern-based abstraction for verifying secrecy in protocols. International Journal on Software Tools for Technology Transfer (STTT) 8(1), 57–76 (2006)

    Google Scholar 

  67. Broadfoot, P.J., Roscoe, A.W.: Embedding agents within the intruder to detect parallel attacks. Journal of Computer Security 12(3/4), 379–408 (2004)

    Google Scholar 

  68. Broadfoot, P., Lowe, G., Roscoe, B.: Automating Data Independence. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, pp. 175–190. Springer, Heidelberg (2000)

    Google Scholar 

  69. Brusó, M., Chatzikokolakis, K., den Hartog, J.: Formal verification of privacy for RFID systems. In: CSF 2010, pp. 75–88. IEEE, Los Alamitos (2010)

    Google Scholar 

  70. Burrows, M., Abadi, M., Needham, R.: A logic of authentication. Proceedings of the Royal Society of London A 426(1871), 233–271 (1989)

    MathSciNet  MATH  Google Scholar 

  71. Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: FOCS 2001, pp. 136–145. IEEE, Los Alamitos (2001)

    Google Scholar 

  72. Canetti, R., Herzog, J.: Universally Composable Symbolic Analysis of Mutual Authentication and Key-Exchange Protocols. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 380–403. Springer, Heidelberg (2006)

    Google Scholar 

  73. Cervesato, I., Durgin, N., Lincoln, P., Mitchell, J., Scedrov, A.: A meta-notation for protocol analysis. In: CSFW 1999, pp. 55–69. IEEE, Los Alamitos (1999)

    Google Scholar 

  74. Chaki, S., Datta, A.: ASPIER: An automated framework for verifying security protocol implementations. In: CSF 2009, pp. 172–185. IEEE, Los Alamitos (2009)

    Google Scholar 

  75. Chen, L., Ryan, M.: Attack, Solution and Verification for Shared Authorisation Data in TCG TPM. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 201–216. Springer, Heidelberg (2010)

    Google Scholar 

  76. Cheval, V., Comon-Lundh, H., Delaune, S.: Automating Security Analysis: Symbolic Equivalence of Constraint Systems. In: Giesl, J., Hähnle, R. (eds.) IJCAR 2010. LNCS (LNAI), vol. 6173, pp. 412–426. Springer, Heidelberg (2010)

    Google Scholar 

  77. Cheval, V., Comon-Lundh, H., Delaune, S.: Trace equivalence decision: Negative tests and non-determinism. In: CCS 2011, pp. 321–330. ACM, New York (2011)

    Google Scholar 

  78. Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents. In: Pandya, P.K., Radhakrishnan, J. (eds.) FSTTCS 2003. LNCS, vol. 2914, pp. 124–135. Springer, Heidelberg (2003)

    Google Scholar 

  79. Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An NP decision procedure for protocol insecurity with XOR. In: LICS 2003, pp. 261–270. IEEE, Los Alamitos (2003)

    Google Scholar 

  80. Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An NP decision procedure for protocol insecurity with XOR. Theoretical Computer Science 338(1-3), 247–274 (2005)

    MathSciNet  MATH  Google Scholar 

  81. Chevalier, Y., Vigneron, L.: A tool for lazy verification of security protocols. In: ASE 2001, pp. 373–376. IEEE, Los Alamitos (2001)

    Google Scholar 

  82. Ciobâcă, Ş.: Automated Verification of Security Protocols with Appplications to Electronic Voting. Ph.D. thesis, ENS Cachan (2011)

    Google Scholar 

  83. Comon, H., Cortier, V.: Tree automata with one memory, set constraints and cryptographic protocols. Theoretical Computer Science 331(1), 143–214 (2005)

    MathSciNet  MATH  Google Scholar 

  84. Comon-Lundh, H., Cortier, V.: New Decidability Results for Fragments of First-Order Logic and Application to Cryptographic Protocols. In: Nieuwenhuis, R. (ed.) RTA 2003. LNCS, vol. 2706, pp. 148–164. Springer, Heidelberg (2003)

    Google Scholar 

  85. Comon-Lundh, H., Cortier, V.: Security properties: two agents are sufficient. Science of Computer Programming 50(1-3), 51–71 (2004)

    MathSciNet  MATH  Google Scholar 

  86. Comon-Lundh, H., Cortier, V.: Computational soundness of observational equivalence. In: CCS 2008, pp. 109–118. ACM, New York (2008)

    Google Scholar 

  87. Comon-Lundh, H., Shmatikov, V.: Intruder deductions, constraint solving and insecurity decision in presence of exclusive or. In: LICS 2003, pp. 271–280. IEEE, Los Alamitos (2003)

    Google Scholar 

  88. Cortier, V., Delaune, S.: A method for proving observational equivalence. In: CSF 2009, pp. 266–276. IEEE, Los Alamitos (2009)

    Google Scholar 

  89. Cortier, V., Hördegen, H., Warinschi, B.: Explicit randomness is not necessary when modeling probabilistic encryption. In: Dima, C., Minea, M., Tiplea, F. (eds.) ICS 2006. ENTCS, vol. 186, pp. 49–65. Elsevier, Amsterdam (2006)

    Google Scholar 

  90. Cortier, V., Kremer, S., Küsters, R., Warinschi, B.: Computationally Sound Symbolic Secrecy in the Presence of Hash Functions. In: Arun-Kumar, S., Garg, N. (eds.) FSTTCS 2006. LNCS, vol. 4337, pp. 176–187. Springer, Heidelberg (2006)

    Google Scholar 

  91. Cortier, V., Kremer, S., Warinschi, B.: A survey of symbolic methods in computational analysis of cryptographic systems. Journal of Automated Reasoning 46(3-4), 225–259 (2011)

    MathSciNet  MATH  Google Scholar 

  92. Cortier, V., Rusinowitch, M., Zălinescu, E.: Relating two standard notions of secrecy. Logical Methods in Computer Science 3(3) (2007)

    Google Scholar 

  93. Cortier, V., Warinschi, B.: Computationally Sound, Automated Proofs for Security Protocols. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 157–171. Springer, Heidelberg (2005)

    Google Scholar 

  94. Cortier, V., Warinschi, B.: A composable computational soundness notion. In: CCS 2011, pp. 63–74. ACM, New York (2011)

    Google Scholar 

  95. Cortier, V., Zălinescu, E.: Deciding Key Cycles for Security Protocols. In: Hermann, M., Voronkov, A. (eds.) LPAR 2006. LNCS (LNAI), vol. 4246, pp. 317–331. Springer, Heidelberg (2006)

    Google Scholar 

  96. Courant, J., Daubignard, M., Ene, C., Lafourcade, P., Lakhnech, Y.: Towards automated proofs for asymmetric encryption schemes in the random oracle model. In: CCS 2008, pp. 371–380. ACM, New York (2008)

    Google Scholar 

  97. Courant, J., Daubignard, M., Ene, C., Lafourcade, P., Lakhnech, Y.: Automated Proofs for Asymmetric Encryption. In: Dams, D., Hannemann, U., Steffen, M. (eds.) de Roever Festschrift. LNCS, vol. 5930, pp. 300–321. Springer, Heidelberg (2010)

    Google Scholar 

  98. Courant, J., Ene, C., Lakhnech, Y.: Computationally Sound Typing for Non-interference: The Case of Deterministic Encryption. In: Arvind, V., Prasad, S. (eds.) FSTTCS 2007. LNCS, vol. 4855, pp. 364–375. Springer, Heidelberg (2007)

    Google Scholar 

  99. Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: POPL 1979, pp. 269–282. ACM, New York (1979)

    Google Scholar 

  100. Cremers, C.J.F.: Scyther - Semantics and Verification of Security Protocols. Ph.D. thesis, Eindhoven University of Technology (2006)

    Google Scholar 

  101. Datta, A., Derek, A., Mitchell, J.C., Pavlovic, D.: A derivation system and compositional logic for security protocols. Journal of Computer Security 13(3), 423–482 (2005)

    Google Scholar 

  102. Datta, A., Derek, A., Mitchell, J.C., Turuani, M.: Probabilistic Polynomial-Time Semantics for a Protocol Security Logic. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 16–29. Springer, Heidelberg (2005)

    Google Scholar 

  103. Datta, A., Derek, A., Mitchell, J.C., Warinschi, B.: Computationally sound compositional logic for key exchange protocols. In: CSFW 2006, pp. 321–334. IEEE, Los Alamitos (2006)

    Google Scholar 

  104. Delaune, S., Kremer, S., Ryan, M.D.: Symbolic Bisimulation for the Applied Pi Calculus. In: Arvind, V., Prasad, S. (eds.) FSTTCS 2007. LNCS, vol. 4855, pp. 133–145. Springer, Heidelberg (2007)

    Google Scholar 

  105. Delaune, S., Kremer, S., Ryan, M.D.: Verifying privacy-type properties of electronic voting protocols. Journal of Computer Security 17(4), 435–487 (2009)

    Google Scholar 

  106. Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: Formal analysis of protocols based on TPM state registers. In: CSF 2011, pp. 66–82. IEEE, Los Alamitos (2011)

    Google Scholar 

  107. Denker, G., Meseguer, J., Talcott, C.: Protocol specification and analysis in Maude. In: FMSP 1998 (1998)

    Google Scholar 

  108. Denker, G., Millen, J.: CAPSL integrated protocol environment. In: DISCEX 2000, pp. 207–221. IEEE, Los Alamitos (2000)

    Google Scholar 

  109. Denning, D.E., Sacco, G.M.: Timestamps in key distribution protocols. Commun. ACM 24(8), 533–536 (1981)

    Google Scholar 

  110. Dierks, T., Rescorla, E.: RFC 4346: The Transport Layer Security (TLS) protocol, version 1.1 (2006), http://tools.ietf.org/html/rfc4346

  111. Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory IT-29(12), 198–208 (1983)

    MathSciNet  Google Scholar 

  112. Dupressoir, F., Gordon, A.D., Jürjens, J., Naumann, D.A.: Guiding a general-purpose C verifier to prove cryptographic protocols. In: CSF 2011, pp. 3–17. IEEE, Los Alamitos (2011)

    Google Scholar 

  113. Durante, L., Sisto, R., Valenzano, A.: Automatic testing equivalence verification of spi calculus specifications. ACM TOSEM 12(2), 222–284 (2003)

    Google Scholar 

  114. Durgin, N.A., Lincoln, P.D., Mitchell, J.C., Scedrov, A.: Undecidability of bounded security protocols. In: FMSP 1999 (1999)

    Google Scholar 

  115. Durgin, N., Lincoln, P., Mitchell, J.C., Scedrov, A.: Multiset rewriting and the complexity of bounded security protocols. Journal of Computer Security 12(2), 247–311 (2004)

    Google Scholar 

  116. Durgin, N., Mitchell, J.C., Pavlovic, D.: A compositional logic for proving security properties of protocols. Journal of Computer Security 11(4), 677–721 (2003)

    Google Scholar 

  117. Escobar, S., Meadows, C., Meseguer, J.: A rewriting-based inference system for the NRL protocol analyzer and its meta-logical properties. Theoretical Computer Science 367(1-2), 162–202 (2006)

    MathSciNet  MATH  Google Scholar 

  118. Fábrega, F.J.T., Herzog, J.C., Guttman, J.D.: Strand spaces: Proving security protocols correct. Journal of Computer Security 7(2/3), 191–230 (1999)

    Google Scholar 

  119. Feret, J.: Analysis of mobile systems by abstract interpretation. Ph.D. thesis, École Polytechnique (2005)

    Google Scholar 

  120. Fournet, C., Kohlweiss, M.: Modular cryptographic verification by typing. In: FCC 2011 (2011)

    Google Scholar 

  121. http://msr-inria.inria.fr/projects/sec/fs2cv/

  122. Galindo, D., Garcia, F.D., van Rossum, P.: Computational Soundness of Non-Malleable Commitments. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 361–376. Springer, Heidelberg (2008)

    Google Scholar 

  123. Genet, T., Klay, F.: Rewriting for Cryptographic Protocol Verification. In: McAllester, D. (ed.) CADE 2000. LNCS, vol. 1831, pp. 271–290. Springer, Heidelberg (2000)

    Google Scholar 

  124. Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28, 270–299 (1984)

    MathSciNet  MATH  Google Scholar 

  125. Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptative chosen-message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)

    MathSciNet  MATH  Google Scholar 

  126. Gordon, A.D., Jeffrey, A.: Typing One-to-One and One-to-Many Correspondences in Security Protocols. In: Okada, M., Babu, C.S., Scedrov, A., Tokuda, H. (eds.) ISSS 2002. LNCS, vol. 2609, pp. 263–282. Springer, Heidelberg (2003)

    Google Scholar 

  127. Gordon, A., Jeffrey, A.: Authenticity by typing for security protocols. Journal of Computer Security 11(4), 451–521 (2003)

    Google Scholar 

  128. Gordon, A., Jeffrey, A.: Types and effects for asymmetric cryptographic protocols. Journal of Computer Security 12(3/4), 435–484 (2004)

    Google Scholar 

  129. Goubault-Larrecq, J.: A Method for Automatic Cryptographic Protocol Verification (Extended Abstract). In: Rolim, J.D.P. (ed.) IPDPS 2000 Workshops. LNCS, vol. 1800, pp. 977–984. Springer, Heidelberg (2000)

    Google Scholar 

  130. Goubault-Larrecq, J.: Deciding \({\cal H}_1\) by resolution. Information Processing Letters 95(3), 401–408 (2005)

    MathSciNet  MATH  Google Scholar 

  131. Goubault-Larrecq, J., Parrennes, F.: Cryptographic Protocol Analysis on Real C Code. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 363–379. Springer, Heidelberg (2005)

    Google Scholar 

  132. Halevi, S.: A plausible approach to computer-aided cryptographic proofs. Cryptology ePrint Archive, Report 2005/181 (2005), http://eprint.iacr.org/2005/181

  133. Heather, J., Lowe, G., Schneider, S.: How to prevent type flaw attacks on security protocols. In: CSFW 2000, pp. 255–268. IEEE, Los Alamitos (2000)

    Google Scholar 

  134. Heather, J., Schneider, S.: A decision procedure for the existence of a rank function. Journal of Computer Security 13(2), 317–344 (2005)

    Google Scholar 

  135. Hüttel, H.: Deciding framed bisimilarity. In: INFINITY 2002, pp. 1–20 (2002)

    Google Scholar 

  136. Janvier, R., Lakhnech, Y., Mazaré, L.: Completing the Picture: Soundness of Formal Encryption in the Presence of Active Adversaries. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 172–185. Springer, Heidelberg (2005)

    Google Scholar 

  137. Janvier, R., Lakhnech, Y., Mazaré, L.: Relating the symbolic and computational models of security protocols using hashes. In: Degano, P., Küsters, R., Viganò, L., Zdancewic, S. (eds.) FCS-ARSPA 2006, pp. 67–89 (2006)

    Google Scholar 

  138. Jürjens, J.: Security analysis of crypto-based Java programs using automated theorem provers. In: ASE 2006, pp. 167–176. IEEE, Los Alamitos (2006)

    Google Scholar 

  139. Kremer, S., Ryan, M.D.: Analysis of an Electronic Voting Protocol in the Applied Pi Calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)

    Google Scholar 

  140. Küsters, R., Truderung, T.: Reducing protocol analysis with XOR to the XOR-free case in the Horn theory based approach. In: CCS 2008, pp. 129–138. ACM, New York (2008)

    Google Scholar 

  141. Küsters, R., Truderung, T.: Using ProVerif to analyze protocols with Diffie-Hellman exponentiation. In: CSF 2009, pp. 157–171. IEEE, Los Alamitos (2009)

    Google Scholar 

  142. Laud, P.: Handling Encryption in an Analysis for Secure Information Flow. In: Degano, P. (ed.) ESOP 2003. LNCS, vol. 2618, pp. 159–173. Springer, Heidelberg (2003)

    Google Scholar 

  143. Laud, P.: Symmetric encryption in automatic analyses for confidentiality against active adversaries. In: IEEE Symposium on Security and Privacy, pp. 71–85. IEEE, Los Alamitos (2004)

    Google Scholar 

  144. Laud, P.: Secrecy types for a simulatable cryptographic library. In: CCS 2005, pp. 26–35. ACM, New York (2005)

    Google Scholar 

  145. Laud, P., Tšahhirov, I.: A User Interface for a Game-Based Protocol Verification Tool. In: Degano, P., Guttman, J. (eds.) FAST 2009. LNCS, vol. 5983, pp. 263–278. Springer, Heidelberg (2010)

    Google Scholar 

  146. Laud, P., Vene, V.: A Type System for Computationally Secure Information Flow. In: Liśkiewicz, M., Reischuk, R. (eds.) FCT 2005. LNCS, vol. 3623, pp. 365–377. Springer, Heidelberg (2005)

    Google Scholar 

  147. Liu, J., Lin, H.: A Complete Symbolic Bisimulation for Full Applied Pi Calculus. In: van Leeuwen, J., Muscholl, A., Peleg, D., Pokorný, J., Rumpe, B. (eds.) SOFSEM 2010. LNCS, vol. 5901, pp. 552–563. Springer, Heidelberg (2010)

    Google Scholar 

  148. Lowe, G.: Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)

    Google Scholar 

  149. Lowe, G.: A hierarchy of authentication specifications. In: CSFW 1997, pp. 31–43. IEEE, Los Alamitos (1997)

    Google Scholar 

  150. Lux, K.D., May, M.J., Bhattad, N.L., Gunter, C.A.: WSEmail: Secure internet messaging based on web services. In: ICWS 2005, pp. 75–82. IEEE, Los Alamitos (2005)

    Google Scholar 

  151. Meadows, C.A.: The NRL protocol analyzer: An overview. Journal of Logic Programming 26(2), 113–131 (1996)

    MATH  Google Scholar 

  152. Micciancio, D., Warinschi, B.: Soundness of Formal Encryption in the Presence of Active Adversaries. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 133–151. Springer, Heidelberg (2004)

    Google Scholar 

  153. Milicia, G.: χ-spaces: Programming security protocols. In: NWPT 2002 (2002)

    Google Scholar 

  154. Millen, J.: A necessarily parallel attack. In: FMSP 1999 (1999)

    Google Scholar 

  155. Millen, J., Shmatikov, V.: Constraint solving for bounded-process cryptographic protocol analysis. In: CCS 2001, pp. 166–175. ACM, New York (2001)

    Google Scholar 

  156. Millen, J.K.: The Interrogator model. In: IEEE Symposium on Security and Privacy, pp. 251–260. IEEE, Los Alamitos (1995)

    Google Scholar 

  157. Millen, J.K., Clark, S.C., Freedman, S.B.: The Interrogator: Protocol security analysis. IEEE Transactions on Software Engineering SE-13(2), 274–288 (1987)

  158. Milner, R.: Communicating and mobile systems: the π-calculus. Cambridge University Press (1999)

  159. Mitchell, J.C., Mitchell, M., Stern, U.: Automated analysis of cryptographic protocols using Murϕ. In: IEEE Symposium on Security and Privacy, pp. 141–151. IEEE, Los Alamitos (1997)

  160. Monniaux, D.: Abstracting cryptographic protocols with tree automata. Science of Computer Programming 47(2-3), 177–202 (2003)

  161. Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)

  162. Nowak, D.: A Framework for Game-Based Security Proofs. In: Qing, S., Imai, H., Wang, G. (eds.) ICICS 2007. LNCS, vol. 4861, pp. 319–333. Springer, Heidelberg (2007)

  163. Nowak, D.: On Formal Verification of Arithmetic-Based Cryptographic Primitives. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 368–382. Springer, Heidelberg (2009)

  164. O’Shea, N.: Using Elyjah to analyse Java implementations of cryptographic protocols. In: FCS-ARSPA-WITS 2008 (2008)

  165. Paulson, L.C.: The inductive approach to verifying cryptographic protocols. Journal of Computer Security 6(1-2), 85–128 (1998)

  166. Pironti, A., Sisto, R.: Provably correct Java implementations of spi calculus security protocols specifications. Computers and Security 29(3), 302–314 (2010)

  167. Poll, E., Schubert, A.: Verifying an implementation of SSH. In: WITS 2007 (2007)

  168. Pozza, D., Sisto, R., Durante, L.: Spi2Java: Automatic cryptographic protocol Java code generation from spi calculus. In: AINA 2004, vol. 1, pp. 400–405. IEEE, Los Alamitos (2004)

  169. Sarukkai, S., Suresh, S.P.: Tagging Makes Secrecy Decidable with Unbounded Nonces as Well. In: Pandya, P.K., Radhakrishnan, J. (eds.) FSTTCS 2003. LNCS, vol. 2914, pp. 363–374. Springer, Heidelberg (2003)

  170. Roscoe, A.W., Broadfoot, P.J.: Proving security protocols with model checkers by data independence techniques. Journal of Computer Security 7(2, 3), 147–190 (1999)

  171. Rusinowitch, M., Turuani, M.: Protocol insecurity with finite number of sessions is NP-complete. Theoretical Computer Science 299(1-3), 451–475 (2003)

  172. Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint Archive, Report 2004/332 (2004), http://eprint.iacr.org/2004/332

  173. Smith, G., Alpízar, R.: Secure information flow with random assignment and encryption. In: FMSE 2006, pp. 33–43 (2006)

  174. Song, D., Perrig, A., Phan, D.: AGVI - Automatic Generation, Verification, and Implementation of Security Protocols. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, pp. 241–245. Springer, Heidelberg (2001)

  175. Song, D.X., Berezin, S., Perrig, A.: Athena: a novel approach to efficient automatic security protocol analysis. Journal of Computer Security 9(1/2), 47–74 (2001)

  176. Sprenger, C., Backes, M., Basin, D., Pfitzmann, B., Waidner, M.: Cryptographically sound theorem proving. In: CSFW 2006, pp. 153–166. IEEE, Los Alamitos (2006)

  177. Swamy, N., Chen, J., Fournet, C., Strub, P.Y., Bhargavan, K., Yang, J.: Secure distributed programming with value-dependent types. In: Chakravarty, M.M.T., Hu, Z., Danvy, O. (eds.) ICFP 2011, pp. 266–278. ACM, New York (2011)

  178. Tšahhirov, I., Laud, P.: Application of Dependency Graphs to Security Protocol Analysis. In: Barthe, G., Fournet, C. (eds.) TGC 2007. LNCS, vol. 4912, pp. 294–311. Springer, Heidelberg (2008)

  179. Weidenbach, C.: Towards an Automatic Analysis of Security Protocols in First-Order Logic. In: Ganzinger, H. (ed.) CADE 1999. LNCS (LNAI), vol. 1632, pp. 314–328. Springer, Heidelberg (1999)

  180. Woo, T.Y.C., Lam, S.S.: A semantic model for authentication protocols. In: IEEE Symposium on Security and Privacy, pp. 178–194. IEEE, Los Alamitos (1993)

  181. Yao, A.C.: Theory and applications of trapdoor functions. In: FOCS 1982, pp. 80–91. IEEE, Los Alamitos (1982)

Author information

Authors and Affiliations

  1. INRIA, École Normale Supérieure, CNRS, Paris, France

    Bruno Blanchet

Editor information

Editors and Affiliations

  1. Dipartimento di Informatica, Università di Pisa, Largo Bruno Pontecorvo, 3, 56127, Pisa, Italy

    Pierpaolo Degano

  2. Computer Science, Worcester Polytechnic Institute, 100 Institute Road, 01609, Worcester, MA, USA

    Joshua D. Guttman

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Blanchet, B. (2012). Security Protocol Verification: Symbolic and Computational Models. In: Degano, P., Guttman, J.D. (eds) Principles of Security and Trust. POST 2012. Lecture Notes in Computer Science, vol 7215. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28641-4_2

  • DOI: https://doi.org/10.1007/978-3-642-28641-4_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28640-7

  • Online ISBN: 978-3-642-28641-4

  • eBook Packages: Computer Science, Computer Science (R0)
