| Darrell Kindred. Theory generation for security protocols. PhD Thesis CMU-CS-99-130, Carnegie Mellon University, 1999. |
....is therefore a need for formal automated tools to assist in the design of security protocols. Many researchers have recently applied automated and semi-automated formal techniques to analyze security protocols. These tools fall into roughly two classes: those based on theorem proving (e.g. [4, 10, 6]) and those based on model checking (e.g. [8, 9, 7]). Tools differ in the degree of automation and expressiveness; often more automation is traded off against reduced expressiveness. Moreover, the assumptions made in modelling protocols make some tools better suited than others in catching ....
....Even if these do not happen, it is possible that the protocol breaks only when a certain configuration of multiple runs occurs, and there is no way to automatically figure out which runs are important for analyzing properties of interest. RVChecker is a theory-generation tool based on Revere [6], which is based on belief logics. The core idea in this approach is to produce a finite representation of the set of all the facts derivable from a protocol specification. Verifying a particular property of interest then simply becomes testing for set membership. The advantage of this approach ....
Darrell Kindred. Theory Generation for Security Protocols. PhD thesis, Carnegie Mellon University, 1999.
.... several protocols [54]. Kessler and Neumann [55] extended AUTOLOG [56] with predicates and rules to model accountability, and proved that the new calculus is correct with respect to the formal semantics given in [86]. They then used this calculus to analyze SET [68] and Payword [77]. Kindred [59] generated automatic checkers for both Kailar's logic and AUTOLOG using Revere. He then applied the resulting checkers to a variety of protocols. Finally, Clarke et al. [26] proposed a logic of knowledge for specifying security properties of electronic commerce protocols. They then used this logic ....
Darrell Kindred. Theory generation for security protocols. Technical Report CMU-CS-99-130, Computer Science Department, Carnegie Mellon University, Pittsburgh, PA, 1999. Ph.D. thesis.
Darrell Kindred. Theory generation for security protocols. PhD Thesis CMU-CS-99-130, Carnegie Mellon University, 1999.
....quick identification of all formulas in known that match a given premise, and we can propagate the fringe to backward_chain, as mentioned above, to avoid redundant S-rule applications early. See Kindred's thesis for a discussion of the implementation in REVERE and the set of optimizations it uses [Kin99].

Find the set of substitutions under which the given goals can be derived from known using G-rules and rewrites, assuming formulas in visited to be unprovable.
function backward_chain(goals, known, visited)
  if goals = then return [
  else (g, gs) ← choose_goal(goals) ....

....occ(v, G)
nsyms(F): the number of functions, predicates, and variables in F, excluding those in atomic arguments
occ(v, F): the number of occurrences of variable v in F, excluding occurrences in atomic arguments
This pre-order satisfies conditions P1-P3 (from Section 3.1) [Kin99].

5.1.2 Rules of Inference
The BAN logic contains eleven basic rules of inference, each of which can be expressed as an RW rule, written in the form P1, P2, ..., Pm / C. Of these rules, ten are S-rules under the BAN pre-order, the eleventh is a G-rule, and each preserves the ....
Darrell Kindred. Theory generation for security protocols. PhD Thesis CMU-CS-99-130, Carnegie Mellon University, 1999.
D. Kindred and J.M. Wing. Theory generation for security protocols. ACM TOPLAS, July 1999.
D. Kindred. Theory Generation for Security Protocols. PhD thesis, Carnegie Mellon University, 1999.