Operational Semantics and Verification of Security Protocols

Cremers, Cas; Mauw, Sjouke

doi:10.1007/978-3-540-78636-8

Cited by 126 publications

(110 citation statements)

References 90 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Generally, Message Sequence Charts (MSC) of protocol interactive communications are expressed by an ITU-standardized protocol specification language (ITU: International Telecommunication Union) [27] (in this paper, protocol specifications are expressed by the approaches from ITU and literature [28]). The symbolic description of the Needham-Schroeder protocol specifications is shown in Figure 2.…”

Section: The Protocol Symbolic Descriptionmentioning

confidence: 99%

A New Method to Analyze the Security of Protocol Implementations Based on Ideal Trace

Zhang

Wang

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

The security analysis of protocols on theory level cannot guarantee the security of protocol implementations. To solve this problem, researchers have done a lot, and many achievements have been reached in this field, such as model extraction and code generation. However, the existing methods do not take the security of protocol implementations into account. In this paper, we have proposed to exploit the traces of function return values to analyze the security of protocol implementations at the source code level. Taking classic protocols into consideration, for example (like the Needham-Schroeder protocol and the Diffie-Hellman protocol, which cannot resist man-in-the-middle attacks), we have analyzed man-in-the-middle attacks during the protocol implementations and have carried out experiments. It has been shown in the experiments that our new method works well. Different from other methods of analyzing the security of protocol implementations in the literatures, our new method can avoid some flaws of program languages (like C language memory access, pointer analysis, etc.) and dynamically analyze the security of protocol implementations.

show abstract

Section: The Protocol Symbolic Descriptionmentioning

confidence: 99%

A New Method to Analyze the Security of Protocol Implementations Based on Ideal Trace

Zhang

Wang

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…In particular, we use the Scyther framework [14] for the automatic symbolic analysis of security protocols. The Scyther tool [12] has built-in support for compromising adversaries [2], including support for the analysis of (weak) perfect forward secrecy, resilience against KCI attacks, and finding unknown key share attacks.…”

Section: Formally Modelling the Protocols And Their Propertiesmentioning

confidence: 99%

Improving the ISO/IEC 11770 standard for key management techniques

Cremers

Horvat

2015

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

We provide the first systematic analysis of the ISO/IEC 11770 standard for key management techniques (2009, 2009), which describes a set of key establishment, key agreement, and key transport protocols. We analyse the claimed security properties, as well as additional modern requirements on key management protocols, for over 30 protocols and their variants. Our formal, tool-supported analysis of the protocols uncovers several incorrect claims in the standard. We provide concrete suggestions for improving the standard.

show abstract

“…In particular, we use the Scyther framework [13] for the automatic symbolic analysis of security protocols. The Scyther tool [11] has built-in support for compromising adversaries [2], and is therefore especially suitable for analysing security notions that are common in the domain of protocols for key agreement, exchange, and transport.…”

Section: Formally Modelling the Protocols And Their Propertiesmentioning

confidence: 99%

Improving the ISO/IEC 11770 Standard for Key Management Techniques

Cremers

Horvat

2014

Security Standardisation Research

Self Cite

View full text Add to dashboard Cite

Abstract. We provide the first systematic analysis of the ISO/IEC 11770 standard for key management techniques [18,19], which describes a set of key exchange, key authentication, and key transport protocols. We analyse the claimed security properties, as well as additional modern requirements on key management protocols, for 30 protocols and their variants. Our formal, tool-supported analysis of the protocols uncovers several incorrect claims in the standard. We provide concrete suggestions for improving the standard.

show abstract

Operational Semantics and Verification of Security Protocols

Cited by 126 publications

References 90 publications

A New Method to Analyze the Security of Protocol Implementations Based on Ideal Trace

A New Method to Analyze the Security of Protocol Implementations Based on Ideal Trace

Improving the ISO/IEC 11770 standard for key management techniques

Improving the ISO/IEC 11770 Standard for Key Management Techniques

Contact Info

Product

Resources

About