A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocols

Cremers, Cas; Fontaine, Caroline; Jacomme, Charlie

doi:10.1109/sp46214.2022.9833800

Cited by 10 publications

(8 citation statements)

References 60 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our work demonstrates that this approach offers a straightforward, high-level strategy for conducting computer-assisted proofs of cryptographic protocols, offering asymptotic security guarantees within the computational model. This is reinforced by the development of the interactive prover Squirrel and its application across different case studies [Baelde et al 2021;Baelde et al 2022;Cremers et al 2022;Baelde et al 2024], summarized in Figure 4. The number of LoC mentioned includes both the model and the proof script.…”

Section: Discussionmentioning

confidence: 99%

“…The case studies are divided into two blocks, with non-stateful protocols first and then stateful ones. The Squirrel prover was extended to post-quantum security proofs in [Cremers et al 2022], the corresponding protocols with security guarantees against a quantum attacker are indicated with a ⋆. Ongoing and Future Work.…”

Section: Discussionmentioning

confidence: 99%

“…The CCSA logic was later extended into a meta-logic, which served as basis for the first version of Squirrel [Baelde et al 2021], before being generalized to a fully-fledged higher-order logic in [Baelde et al 2023]. The Squirrel tool is a proof assistant developed in a collaborative effort, which has been successfully used on a variety of case studies [Baelde et al 2022;Comon et al 2020;Cremers et al 2022]. Instructions for installing the system are available on its website, together with a user manual, tutorials, and an in-browser interface for playing with the tool without installing it: https://squirrel-prover.github.io…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

The Squirrel Prover and its Logic

Baelde,

Delaune,

Jacomme

et al. 2024

ACM SIGLOG News

Self Cite

View full text Add to dashboard Cite

Security protocols are widely used today to secure transactions that take place over public channels like the Internet. Common uses include the secure transfer of sensitive information such as credit card numbers, or user authentication on a system. Because of their presence in many widely used applications ( e.g. electronic commerce, government-issued ID), developing methods and tools to verify security protocols has become an important research challenge. Such tools help increase our trust in protocols, and hence on the applications that rely on them.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The Squirrel Prover and its Logic

Baelde,

Delaune,

Jacomme

et al. 2024

ACM SIGLOG News

Self Cite

View full text Add to dashboard Cite

show abstract

“…To verify the security of the protocol, we can also use formal proofs, e.g., BAN logic [21], Real-Or-Random (ROR) [22], Random Oracle Model (ROM) [23], or Syverson-Van Oorschot (SVO) [24]. However, these proofs are very complex, so for verifying protocols, we mostly used the tools that automatically implement the described methods for verifying protocols (Scyther [25,26], Tamarin [27,28], ProVerif [29][30][31], AVISPA [32], or the tool mentioned in [5]).…”

Section: Related Workmentioning

confidence: 99%

Methodology of Testing the Security of Cryptographic Protocols Using the CMMTree Framework

Piątkowski,

Szymoniak

2023

Applied Sciences

View full text Add to dashboard Cite

Internet communication is one of the significant aspects of modern civilization. People use banking, health, social, or shopping platforms and send a lot of data. Each communication should be secured and protected against dishonest users’ activities during its transfer via network links. Cryptographic protocols provide such security and protection. Because of the evolution of the vulnerabilities and attackers’ methods, the cryptographic protocols should be regularly verified. This paper presents a methodology for testing the security of cryptographic protocols using the CMMTree framework. We developed and adapted a software package for analyzing cryptographic protocols regarding compatibility with the CMMTree framework using a predicate according to the approach described in Siedlecka-Lamch et al.’s works. We optimized and strengthened the mentioned approach with tree optimization methods and a lexicographic sort rule. Next, we researched the well-known security protocols using a developed tool and compared and verified the results using sorted and shuffled data. This work produced promising results. No attacks on the tested protocols were discovered.

show abstract

“…When verifying security protocols, we can use methods such as time automatics [28,29], BAN logic [30], GNY logic [31], real-or-random (ROR) [32], random Oracle model (ROM) [33], or Syverson-Van Oorschot (SVO) logic [34]. In addition, protocol verification is possible with such tools as Scyther [35,36], Tamarin [37,38], ProVerif [39][40][41], Avispa [42], or the tools mentioned in [22,43], or [44].…”

Section: Introductionmentioning

confidence: 99%

Key Agreement and Authentication Protocols in the Internet of Things: A Survey

Szymoniak

Kesar

2022

Applied Sciences

View full text Add to dashboard Cite

The rapid development of Internet of things (IoT) technology has made the IoT applicable in many areas of life and has contributed to the IoT’s improvement. IoT devices are equipped with various sensors that enable them to perform the tasks they were designed for. The use of such devices is associated with securing communication between devices and users. The key stages of communication are the processes of authentication and the process of agreeing on session keys because they are the basis of the subsequent communication phases. The specially designed security protocols are used to secure communication. These protocols define the course of communication and cryptographic techniques employed for securing. In this article, we have reviewed the latest communication protocols designed to secure authentication processes and agree on session keys in IoT environments. We analyzed the proposed protocols’ security level, vulnerability, and computational and communication costs. We showed our observations, describing the requirements that a secure protocol should meet.

show abstract

A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocols

Cited by 10 publications

References 60 publications

The Squirrel Prover and its Logic

The Squirrel Prover and its Logic

Methodology of Testing the Security of Cryptographic Protocols Using the CMMTree Framework

Key Agreement and Authentication Protocols in the Internet of Things: A Survey

Contact Info

Product

Resources

About