Open AccessDOI
Scyther : semantics and verification of security protocols
Reads0
Chats0
TLDR
This thesis develops a formal model for the description and analysis of security protocols at the process level, and develops an automated veri??cation procedure, which improves over existing methods and is applied in two novel case studies.Abstract:
Recent technologies have cleared the way for large scale application of electronic communication. The open and distributed nature of these communications implies that the communication medium is no longer completely controlled by the communicating parties. As a result, there has been an increasing demand for research in establishing secure communications over insecure networks, by means of security protocols. In this thesis, a formal model for the description and analysis of security protocols at the process level is developed. At this level, under the assumption of perfect cryptography, the analysis focusses on detecting aws and vulnerabilities of the security protocol. Starting from ??rst principles, operational semantics are developed to describe security protocols and their behaviour. The resulting model is parameterized, and can e.g. capture various intruder models, ranging from a secure network with no intruder, to the strongest intruder model known in literature. Within the security protocol model various security properties are de??ned, such as secrecy and various forms of authentication. A number of new results about these properties are formulated and proven correct. Based on the model, an automated veri??cation procedure is developed, which signi ??cantly improves over existing methods. The procedure is implemented in a prototype, which outperforms other tools. Both the theory and tool are applied in two novel case studies. Using the tool prototype, new results are established in the area of protocol composition, leading to the discovery of a class of previously undetected attacks. Furthermore, a new protocol in the area of multiparty authentication is developed. The resulting protocol is proven correct within the framework.read more
Citations
More filters
Book ChapterDOI
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols
TL;DR: The most effective approach so far has been automated falsification or verification of such protocols with state-of-the-art tools such as ProVerif or the Avispa tools, which have shown to be effective at finding attacks on protocols or establishing correctness of protocols.
What is protocol analysis
TL;DR: The following is a transcript of one of the discussion sessions that took place during the Workshop on Games, Action and Social Software at the Lorentz Center in Leiden: "Is logic useful for the analysis of protocols, and if so, how?"
Journal ArticleDOI
A Survey on LoRa Networking: Research Problems, Current Solutions, and Open Issues
TL;DR: This article provides a comprehensive survey on LoRa networks, including the technical challenges of deployingLoRa networks and recent solutions, and some open issues of LoRa networking are discussed.
Journal ArticleDOI
Automatic verification of correspondences for security protocols
TL;DR: In this paper, the authors present a technique for verifying correspondences in security protocols, which can handle an unbounded number of sessions of the protocol, and it is efficient in practice.
Journal ArticleDOI
Book review: Applied cryptography: Protocols, algorithms, and source code in C
TL;DR: This is Applied Cryptography Protocols Algorithms And Source Code In C Applied Cryptographic Protocols algorithms and Source Code in C By Schneier Bruce Author Nov 01 1995 the best ebook that you can get right now online.
References
More filters
Book
Handbook of Applied Cryptography
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Journal ArticleDOI
On the security of public key protocols
Danny Dolev,Andrew Chi-Chih Yao +1 more
TL;DR: Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
Journal ArticleDOI
The model checker SPIN
TL;DR: An overview of the design and structure of the verifier, its theoretical foundation, and an overview of significant practical applications are given.
Proceedings ArticleDOI
Universally composable security: a new paradigm for cryptographic protocols
TL;DR: The notion of universally composable security was introduced in this paper for defining security of cryptographic protocols, which guarantees security even when a secure protocol is composed of an arbitrary set of protocols, or more generally when the protocol is used as a component of a system.
Book
Applied Cryptography: Protocols, Algorithms, and Source Code in C
Bruce Schneier,Phil Sutherland +1 more
TL;DR: This document describes the construction of protocols and their use in the real world, as well as some examples of protocols used in the virtual world.