Results 1  10
of
40,035
A calculus for cryptographic protocols: The spi calculus
 Information and Computation
, 1999
"... We introduce the spi calculus, an extension of the pi calculus designed for the description and analysis of cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication protocols. The pi calculus (without extension) suffices for some abstract protocols; the ..."
Abstract

Cited by 919 (55 self)
 Add to MetaCart
We introduce the spi calculus, an extension of the pi calculus designed for the description and analysis of cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication protocols. The pi calculus (without extension) suffices for some abstract protocols
Prudent Engineering Practice for Cryptographic Protocols
 Proc. IEEE Computer Society Symposium on Research in Security and Privacy
, 1994
"... We present principles for the design of cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have avoided a considerable number of published errors. Our principles are informal guidelines. They complem ..."
Abstract

Cited by 405 (17 self)
 Add to MetaCart
We present principles for the design of cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have avoided a considerable number of published errors. Our principles are informal guidelines
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
 IN 14TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP (CSFW14
, 2001
"... We present a new automatic cryptographic protocol verifier based on a simple representation of the protocol by Prolog rules, and on a new efficient algorithm that determines whether a fact can be proved from these rules or not. This verifier proves secrecy properties of the protocols. Thanks to its ..."
Abstract

Cited by 386 (11 self)
 Add to MetaCart
We present a new automatic cryptographic protocol verifier based on a simple representation of the protocol by Prolog rules, and on a new efficient algorithm that determines whether a fact can be proved from these rules or not. This verifier proves secrecy properties of the protocols. Thanks to its
Random Oracles are Practical: A Paradigm for Designing Efficient Protocols
, 1995
"... We argue that the random oracle model  where all parties have access to a public random oracle  provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol P is produced by first devising and proving correct a protocol P R for the ..."
Abstract

Cited by 1643 (75 self)
 Add to MetaCart
We argue that the random oracle model  where all parties have access to a public random oracle  provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol P is produced by first devising and proving correct a protocol P R
A KeyManagement Scheme for Distributed Sensor Networks
 In Proceedings of the 9th ACM Conference on Computer and Communications Security
, 2002
"... Distributed Sensor Networks (DSNs) are adhoc mobile networks that include sensor nodes with limited computation and communication capabilities. DSNs are dynamic in the sense that they allow addition and deletion of sensor nodes after deployment to grow the network or replace failing and unreliable ..."
Abstract

Cited by 901 (11 self)
 Add to MetaCart
nodes. DSNs may be deployed in hostile areas where communication is monitored and nodes are subject to capture and surreptitious use by an adversary. Hence DSNs require cryptographic protection of communications, sensorcapture detection, key revocation and sensor disabling. In this paper, we present a
Decentralized Trust Management
 In Proceedings of the 1996 IEEE Symposium on Security and Privacy
, 1996
"... We identify the trust management problem as a distinct and important component of security in network services. Aspects of the trust management problem include formulating security policies and security credentials, determining whether particular sets of credentials satisfy the relevant policies, an ..."
Abstract

Cited by 1011 (25 self)
 Add to MetaCart
. 1. Introduction The importance of cryptographic techniques in a wide range of network s...
Ariadne: A secure ondemand routing protocol for ad hoc networks
, 2002
"... An ad hoc network is a group of wireless mobile computers (or nodes), in which individual nodes cooperate by forwarding packets for each other to allow nodes to communicate beyond direct wireless transmission range. Prior research in ad hoc networking has generally studied the routing problem in a n ..."
Abstract

Cited by 900 (11 self)
 Add to MetaCart
from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents a large number of types of DenialofService attacks. In addition, Ariadne is efficient, using only highly efficient symmetric cryptographic primitives.
SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks
, 2003
"... An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vec ..."
Abstract

Cited by 522 (8 self)
 Add to MetaCart
. In order to support use with nodes of limited CPU processing capability, and to guard against DenialofService attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient oneway hash functions and do not use asymmetric cryptographic
Cryptographic Limitations on Learning Boolean Formulae and Finite Automata
 PROCEEDINGS OF THE TWENTYFIRST ANNUAL ACM SYMPOSIUM ON THEORY OF COMPUTING
, 1989
"... In this paper we prove the intractability of learning several classes of Boolean functions in the distributionfree model (also called the Probably Approximately Correct or PAC model) of learning from examples. These results are representation independent, in that they hold regardless of the syntact ..."
Abstract

Cited by 347 (15 self)
 Add to MetaCart
In this paper we prove the intractability of learning several classes of Boolean functions in the distributionfree model (also called the Probably Approximately Correct or PAC model) of learning from examples. These results are representation independent, in that they hold regardless of the syntactic form in which the learner chooses to represent its hypotheses. Our methods reduce the problems of cracking a number of wellknown publickey cryptosystems to the learning problems. We prove that a polynomialtime learning algorithm for Boolean formulae, deterministic finite automata or constantdepth threshold circuits would have dramatic consequences for cryptography and number theory: in particular, such an algorithm could be used to break the RSA cryptosystem, factor Blum integers (composite numbers equivalent to 3 modulo 4), and detect quadratic residues. The results hold even if the learning algorithm is only required to obtain a slight advantage in prediction over random guessing. The techniques used demonstrate an interesting duality between learning and cryptography. We also apply our results to obtain strong intractability results for approximating a generalization of graph coloring.
LanguageBased InformationFlow Security
 IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS
, 2003
"... Current standard security practices do not provide substantial assurance that the endtoend behavior of a computing system satisfies important security policies such as confidentiality. An endtoend confidentiality policy might assert that secret input data cannot be inferred by an attacker throug ..."
Abstract

Cited by 821 (57 self)
 Add to MetaCart
Current standard security practices do not provide substantial assurance that the endtoend behavior of a computing system satisfies important security policies such as confidentiality. An endtoend confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output; this policy regulates information flow.
Results 1  10
of
40,035