Static Analysis for the π-Calculus with Applications to Security

Bodei, Chiara; Degano, Pierpaolo; Nielson, Flemming; Nielson, Hanne Riis

doi:10.1006/inco.2000.3020

Cited by 68 publications

(74 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Thus, one can use the standard techniques for protocol analysis based on formal methods (e.g. type systems [1], control flow analysis [6], model checkers [9,11], etc.) to check if a given protocol is DY P -safe.…”

Section: Discussionmentioning

confidence: 99%

A Note on the Perfect Encryption Assumption in a Process Calculus

Zunino

Degano

2004

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. We consider a secrecy property in a simple process calculus with cryptographic primitives. The standard Dolev-Yao attacker is enhanced so that it can guess the key for decrypting an intercepted message. We borrow from the computational complexity approach to secrecy the assumptions that guessing succeeds with a given negligible probability and that the resources available to attackers are polynomially bound. Under these hypotheses we prove that the standard Dolev-Yao attacker is as powerful as the enhanced one.

show abstract

Section: Discussionmentioning

confidence: 99%

A Note on the Perfect Encryption Assumption in a Process Calculus

Zunino

Degano

2004

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…Research in this active branch of computer security has led to a variety of formal techniques; some of these are based on process algebras [8]- [11]; others on proof techniques for authentication logic [12]- [14]; some exploit type systems and other static analyses [15], [16]; yet others use automata [17]. A common analysis strategy is to test the behaviour of one's protocol specification within a hostile environment, by running it in a setting in which the presence of honest participants is complemented with a malicious adversary.…”

Section: Introductionmentioning

confidence: 99%

Towards Security Analyses of an Identity Federation Protocol for Web Services in Convergent Networks

Beek

Moiso

Petrocchi

2007

The Third Advanced International Conference on Telecommunications (AICT'07)

View full text Add to dashboard Cite

Abstract-We describe a formal approach to the analysis of security aspects of an identity federation protocol for web services in convergent networks. This network protocol was proposed by Telecom Italia as a solution to allow end users to access services on the web through different access networks without explicitly providing any credentials, while the service providers can trust the user's identity information provided by the access networks and access some user data. As a first step towards a fullblown formal security analysis of the protocol, we specify three user scenarios in the process algebra Crypto-CCS and verify the vulnerability of one of these specifications w.r.t. a man-in-themiddle attack with the model checker PaMoChSA.

show abstract

“…Other approaches are based on proof techniques for authentication logic (e.g., [12,13,14]). Type systems and other static analyses have also been successfully exploited (e.g., [15,16]). …”

Section: Introductionmentioning

confidence: 99%

Formal analysis of some secure procedures for certificate delivery

Martinelli¹,

Petrocchi²,

Vaccarelli³

2006

Softw. Test. Verif. Reliab.

View full text Add to dashboard Cite

Abstract. The paper describes and formally analyzes two communication protocols to manage the secure emission of digital certificates. The formal analysis is carried out by means of a software tool for the automatic verification of cryptographic protocols with finite behaviour. The tool is able to discover, at a conceptual level, attacks against security procedures. The methodology is general enough to be applied to several kinds of cryptographic procedures and protocols. It is opinion of the authors that this survey contributes towards a better understanding of the structure and aims of a protocol, both for developers, analyzers and final users.

show abstract

Static Analysis for the π-Calculus with Applications to Security

Cited by 68 publications

References 27 publications

A Note on the Perfect Encryption Assumption in a Process Calculus

A Note on the Perfect Encryption Assumption in a Process Calculus

Towards Security Analyses of an Identity Federation Protocol for Web Services in Convergent Networks

Formal analysis of some secure procedures for certificate delivery

Contact Info

Product

Resources

About