Proceedings ArticleDOI
A hierarchy of authentication specifications
Gavin Lowe
- pp 31-43
Reads0
Chats0
TLDR
It is suggested that the appropriate authentication requirement will depend upon the use to which the protocol is put, and the model checker FDR can be used to test whether a system running the protocol meets such a specification.Abstract:
Many security protocols have the aim of authenticating one agent to another. Yet there is no clear consensus in the academic literature about precisely what "authentication" means. We suggest that the appropriate authentication requirement will depend upon the use to which the protocol is put, and identify several possible definitions of "authentication". We formalize each definition using the process algebra CSP, use this formalism to study their relative strengths, and show how the model checker FDR can be used to test whether a system running the protocol meets such a specification.read more
Citations
More filters
Proceedings ArticleDOI
Casper: a compiler for the analysis of security protocols
TL;DR: Casper is described, a program that automatically produces the CSP description from a more abstract description, thus greatly simplifying the modelling and analysis process.
Journal ArticleDOI
OFMC: A symbolic model checker for security protocols
TL;DR: The on-the-fly model checker OFMC is presented, a tool that combines two ideas for analyzing security protocols based on lazy, demand-driven search and the integration of symbolic techniques and optimizations for modeling a lazy Dolev–Yao intruder whose actions are generated in a demand- driven way.
Proceedings ArticleDOI
Strand spaces: why is a security protocol correct?
TL;DR: This paper applies the strand space formalism to prove the correctness of the Needham-Schroeder-Lowe protocol and proves a generally useful lemma, as a sample result giving a general bound on the abilities of the penetrator in any protocol.
Journal ArticleDOI
Automated Security Protocol Analysis With the AVISPA Tool
TL;DR: Experimental results indicate that the AVISPA Tool is a state-of-the-art tool for Internet security protocol analysis as, to the authors' knowledge, no other tool exhibits the same level of scope and robustness while enjoying the same performance and scalability.
Scyther : semantics and verification of security protocols
TL;DR: This thesis develops a formal model for the description and analysis of security protocols at the process level, and develops an automated veri??cation procedure, which improves over existing methods and is applied in two novel case studies.
References
More filters
Journal ArticleDOI
Communicating sequential processes
TL;DR: It is suggested that input and output are basic primitives of programming and that parallel composition of communicating sequential processes is a fundamental program structuring method.
Journal ArticleDOI
Using encryption for authentication in large networks of computers
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Journal ArticleDOI
A logic of authentication
TL;DR: This paper describes the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication, and gives the results of the analysis of four published protocols.
Proceedings ArticleDOI
A logic of authentication
TL;DR: This paper describes the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication, and gives the results of the analysis of four published protocols.