Results 1 - 10
of
4,207
The inductive approach to verifying cryptographic protocols
- Journal of Computer Security
, 1998
"... Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state systems. Proofs are generated using Isabelle/HOL. The human effort required to analyze a protocol can be as ..."
Abstract
-
Cited by 480 (29 self)
- Add to MetaCart
Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state systems. Proofs are generated using Isabelle/HOL. The human effort required to analyze a protocol can
Prudent Engineering Practice for Cryptographic Protocols
- Proc. IEEE Computer Society Symposium on Research in Security and Privacy
, 1994
"... We present principles for the design of cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have avoided a considerable number of published errors. Our principles are informal guidelines. They complem ..."
Abstract
-
Cited by 399 (15 self)
- Add to MetaCart
We present principles for the design of cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have avoided a considerable number of published errors. Our principles are informal guidelines
A calculus for cryptographic protocols: The spi calculus
- Information and Computation
, 1999
"... We introduce the spi calculus, an extension of the pi calculus designed for the description and analysis of cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication protocols. The pi calculus (without extension) suffices for some abstract protocols; the ..."
Abstract
-
Cited by 898 (50 self)
- Add to MetaCart
We introduce the spi calculus, an extension of the pi calculus designed for the description and analysis of cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication protocols. The pi calculus (without extension) suffices for some abstract protocols
On the Importance of Checking Cryptographic Protocols for Faults
, 1997
"... We present a theoretical model for breaking various cryptographic schemes by taking advantage of random hardware faults. We show how to attack certain implementations of RSA and Rabin signatures. An implementation of RSA based on the Chinese Remainder Theorem can be broken using a single erroneous s ..."
Abstract
-
Cited by 405 (6 self)
- Add to MetaCart
We present a theoretical model for breaking various cryptographic schemes by taking advantage of random hardware faults. We show how to attack certain implementations of RSA and Rabin signatures. An implementation of RSA based on the Chinese Remainder Theorem can be broken using a single erroneous
Security and Composition of Multi-party Cryptographic Protocols
- JOURNAL OF CRYPTOLOGY
, 1998
"... We present general definitions of security for multi-party cryptographic protocols, with focus on the task of evaluating a probabilistic function of the parties' inputs. We show that, with respect to these definitions, security is preserved under a natural composition operation. The definiti ..."
Abstract
-
Cited by 463 (19 self)
- Add to MetaCart
We present general definitions of security for multi-party cryptographic protocols, with focus on the task of evaluating a probabilistic function of the parties' inputs. We show that, with respect to these definitions, security is preserved under a natural composition operation
Cryptographic Protocols
, 1982
"... this paper only with one aspect of security: properties of the system that are hidden from an enemy who may make inferences. Informally, a participant (honest or dishonest) is presented with information and properties that he brings to the protocol as priori information. Whatever is to be excluded ..."
Abstract
-
Cited by 55 (7 self)
- Add to MetaCart
this paper only with one aspect of security: properties of the system that are hidden from an enemy who may make inferences. Informally, a participant (honest or dishonest) is presented with information and properties that he brings to the protocol as priori information. Whatever
Universally composable security: A new paradigm for cryptographic protocols
, 2013
"... We present a general framework for representing cryptographic protocols and analyzing their security. The framework allows specifying the security requirements of practically any cryptographic task in a unified and systematic way. Furthermore, in this framework the security of protocols is preserved ..."
Abstract
-
Cited by 833 (37 self)
- Add to MetaCart
We present a general framework for representing cryptographic protocols and analyzing their security. The framework allows specifying the security requirements of practically any cryptographic task in a unified and systematic way. Furthermore, in this framework the security of protocols
Cryptographic protocols
- In Proceedings of the fourteenth annual ACM Symopsium on Theory of Computing
, 1982
"... Multiset rewriting and the complexity of bounded ..."
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
- IN 14TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP (CSFW-14
, 2001
"... We present a new automatic cryptographic protocol verifier based on a simple representation of the protocol by Prolog rules, and on a new efficient algorithm that determines whether a fact can be proved from these rules or not. This verifier proves secrecy properties of the protocols. Thanks to its ..."
Abstract
-
Cited by 391 (11 self)
- Add to MetaCart
We present a new automatic cryptographic protocol verifier based on a simple representation of the protocol by Prolog rules, and on a new efficient algorithm that determines whether a fact can be proved from these rules or not. This verifier proves secrecy properties of the protocols. Thanks to its
Reasoning about Belief in Cryptographic Protocols
- Proceedings 1990 IEEE Symposium on Research in Security and Privacy
, 1990
"... Abstract. Analysis methods for cryptographic protocols have often focused on information leakage rather than on seeing whether a protocol meets its goals. Many protocols, however, fall far short of meeting their goals, sometimes for quite subtle reasons. We introduce a mechanism for reasoning about ..."
Abstract
-
Cited by 222 (6 self)
- Add to MetaCart
Abstract. Analysis methods for cryptographic protocols have often focused on information leakage rather than on seeing whether a protocol meets its goals. Many protocols, however, fall far short of meeting their goals, sometimes for quite subtle reasons. We introduce a mechanism for reasoning about
Results 1 - 10
of
4,207