An NP decision procedure for protocol insecurity with XOR
Y Chevalier, R Küsters, M Rusinowitch… - Theoretical Computer …, 2005 - Elsevier
We provide a method for deciding the insecurity of cryptographic protocols in the presence
of the standard Dolev-Yao intruder (with a finite number of sessions) extended with so-called …
of the standard Dolev-Yao intruder (with a finite number of sessions) extended with so-called …
Automatic verification of privacy properties in the applied pi calculus
We develop a formal method verification technique for cryptographic protocols. We focus on
proving observational equivalences of the kind P~ Q, where the processes P and Q have the …
proving observational equivalences of the kind P~ Q, where the processes P and Q have the …
Modeling and analyzing security in the presence of compromising adversaries
We present a framework for modeling adversaries in security protocol analysis, ranging from
a Dolev-Yao style adversary to more powerful adversaries who can reveal different parts of …
a Dolev-Yao style adversary to more powerful adversaries who can reveal different parts of …
Intruder Deduction for AC-Like Equational Theories with Homomorphisms
P Lafourcade, D Lugiez, R Treinen - … , RTA 2005, Nara, Japan, April 19-21 …, 2005 - Springer
Cryptographic protocols are small programs which involve a high level of concurrency and
which are difficult to analyze by hand. The most successful methods to verify such protocols …
which are difficult to analyze by hand. The most successful methods to verify such protocols …
Tagging makes secrecy decidable with unbounded nonces as well
R Ramanujam, SP Suresh - … on Foundations of Software Technology and …, 2003 - Springer
Tagging schemes have been used in security protocols to ensure that the analysis of such
protocols can work with messages of bounded length. When the set of nonces is bounded …
protocols can work with messages of bounded length. When the set of nonces is bounded …
Hermes: An automatic tool for verification of secrecy in security protocols
L Bozga, Y Lakhnech, M Périn - … Conference, CAV 2003, Boulder, CO, USA …, 2003 - Springer
Cryptography is not sufficient for implementing secure exchange of secrets or
authentification. Logical flaws in the protocol design may lead to incorrect behavior even …
authentification. Logical flaws in the protocol design may lead to incorrect behavior even …
Comparison of cryptographic verification tools dealing with algebraic properties
P Lafourcade, V Terrade, S Vigier - … on Formal Aspects in Security and …, 2009 - Springer
Recently Kuesters et al proposed two new methods using ProVerif for analyzing
cryptographic protocols with Exclusive-Or and Diffie-Hellman properties. Some tools, for …
cryptographic protocols with Exclusive-Or and Diffie-Hellman properties. Some tools, for …
Easy intruder deductions
H Comon-Lundh, R Treinen - … : Theory and Practice: Essays Dedicated to …, 2003 - Springer
We investigate extensions of the Dolev-Yao model of a passive intruder into a cryptographic
protocol by some algebraic properties of cryptographic primitives. We provide sufficient …
protocol by some algebraic properties of cryptographic primitives. We provide sufficient …
Degrees of security: Protocol guarantees in the face of compromising adversaries
We present a symbolic framework, based on a modular operational semantics, for
formalizing different notions of compromise relevant for the analysis of cryptographic …
formalizing different notions of compromise relevant for the analysis of cryptographic …
A tool for lazy verification of security protocols
Y Chevalier, L Vigneron - Proceedings 16th Annual …, 2001 - ieeexplore.ieee.org
We present the lazy strategy implemented in a compiler of cryptographic protocols, Casrul.
The purpose of this compiler is to verify protocols and to translate them into rewrite rules that …
The purpose of this compiler is to verify protocols and to translate them into rewrite rules that …