A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
An Optimized Intruder Model for SAT-based Model-Checking of Security Protocols
2005
Electronical Notes in Theoretical Computer Science
Preserved Fulltext
In previous work we showed that automatic SAT-based model-checking techniques based on a reduction of protocol (in)security problems to a sequence of propositional satisfiability problems can be used to ...
In this paper we present an optimized intruder model that may lead in many cases to shorter attacks which can be detected in our framework by generating smaller propositional formulae. ...
Acknowledgments We are grateful to Cristina Frà for her contribution to the implementation of the encodings for supporting such an optimized intruder. ...
doi:10.1016/j.entcs.2004.05.021
fatcat:gxgc5bvp35an7pjj3pmx5cwluy
Automatic SAT-Compilation of Protocol Insecurity Problems via Reduction to Planning
[chapter]
2002
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We describe a model-checker for security protocols based on our ideas and show that attacks to a set of well-known authentication protocols are quickly found by state-of-the-art SAT solvers. ...
Our approach results from the combination of a reduction of protocol insecurity problems to planning problems and well-known SAT-reduction techniques developed for planning. ...
Implementation and Computer Experiments We have implemented the above ideas in SATMC, a SAT-based Model-Checker for security protocol analysis. ...
doi:10.1007/3-540-36135-9_14
fatcat:6uh5hj4ufbaetexxkn3dlt22yi
SATMC: A SAT-Based Model Checker for Security-Critical Systems
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We present SATMC 3.0, a SAT-based bounded model checker for security-critical systems that stems from a successful combination of encoding techniques originally developed for planning with techniques developed ...
attack on the SAML-based Single Sign-On (SSO) for Google Apps, an authentication flaw in the SAML 2.0 Web Browser SSO Profile, and a number of attacks on PKCS#11 Security Tokens. ...
We are grateful to Luca Zanetti for his contribution in the design and implementation of the Goal Grounding and PLTL2SAT modules. ...
doi:10.1007/978-3-642-54862-8_3
fatcat:i6nk3wdmrveclbp3tzac3cqohq
Automated Security Protocol Analysis With the AVISPA Tool
2006
Electronical Notes in Theoretical Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The AVISPA Tool is a push-button tool for the Automated Validation of Internet Security Protocols and Applications. ...
Experimental results, carried out on a large library of Internet security protocols, indicate that the AVISPA Tool is a state-of-the-art tool for Internet security protocol analysis as, to our knowledge ...
Model-Checker OFMC, the Constraint-Logic-based Attack Searcher CL-AtSe, the SAT-based Model-Checker SATMC, and the TA4SP protocol analyzer, which verifies protocols by implementing tree automata based ...
doi:10.1016/j.entcs.2005.11.052
fatcat:es3r56p4wrdndckiybqwf7dez4
Comparing State Spaces in Automatic Security Protocol Analysis
[chapter]
2009
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
There are several automatic tools available for the symbolic analysis of security protocols. The models underlying these tools differ in many aspects. ...
We apply our study of state space relations in a performance comparison of several well-known automatic tools for security protocol analysis. ...
Acknowledgements: We would like to thank the authors of several of the tools used in these tests for their helpful personal communications. ...
doi:10.1007/978-3-642-02002-5_5
fatcat:u5y43yopfvhd3mligaxhllxrbq
Formal Analysis of ISO/IEC 9798-2 Authentication Standard Using AVISPA
2013
2013 Eighth Asia Joint Conference on Information Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Use of formal methods is considered as a useful and efficient technique for the validation of security properties of the protocols. ...
In this paper, we analyze the protocols of ISO/IEC 9798-2 entity authentication standard using a state-ofthe-art tool for automated analysis named AVISPA. ...
SATMC (SAT-based Model Checker) performs protocol falsification and bounded verification for only typed protocol model. ...
doi:10.1109/asiajcis.2013.25
dblp:conf/asiajcis/ZiauddinM13
fatcat:sl3skc2bfrbvvlmvbtg6cyqruu
Automated Verification of Equivalence Properties of Cryptographic Protocols
2016
ACM Transactions on Computational Logic
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The procedure can handle a large set of cryptographic primitives, namely those which can be modeled by an optimally reducing convergent rewrite system. ...
We present a novel procedure to verify equivalence properties for bounded number of sessions. Our procedure is able to verify trace equivalence for determinate cryptographic protocols. ...
Conclusion and future work We present a novel Horn-clause resolution based procedure for verifying equivalence properties for a bounded number of sessions of cryptographic protocols. ...
doi:10.1145/2926715
fatcat:ojjokeb3sfgf3pcdohvlgqwr2y
Automated Verification of Equivalence Properties of Cryptographic Protocols
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The procedure can handle a large set of cryptographic primitives, namely those which can be modeled by an optimally reducing convergent rewrite system. ...
We present a novel procedure to verify equivalence properties for bounded number of sessions. Our procedure is able to verify trace equivalence for determinate cryptographic protocols. ...
Conclusion and future work We present a novel Horn-clause resolution based procedure for verifying equivalence properties for a bounded number of sessions of cryptographic protocols. ...
doi:10.1007/978-3-642-28869-2_6
fatcat:iwpss5zxrveofa2nvde7p5pbee
Automated verification of virtualized infrastructures
2011
Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW '11
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
The combination of a complex topology and changes to it by an intruder is a problem that lies beyond the scope of previous analysis tools and to which we can give first positive verification results. ...
The different verification tools range from model checking to theorem proving; this allows us to exploit the complementary strengths of methods, and also to understand how to best represent the analysis ...
We thank Piotr Filipiuk for support on the SuccintSolver. ...
doi:10.1145/2046660.2046672
dblp:conf/ccs/BleikertzGM11
fatcat:fwo2gkviqrh5hevhigd74g2aye
Automatic verification of secrecy properties for linear logic specifications of cryptographic protocols
2004
Journal of symbolic computation
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
intruder model. ...
Unlike traditional approaches based on model checking, we can reason about parametric, infinite-state systems; thus we do not pose any limitation on the number of parallel runs of a protocol. ...
Acknowledgements We would like to thank the anonymous reviewers of this paper for their helpful suggestions and advice. ...
doi:10.1016/j.jsc.2004.04.002
fatcat:sjmicevacfcr7orbzcxll7qdhi
An Authentication Protocol Based on Combined RFID-Biometric System
2012
International Journal of Advanced Computer Science and Applications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf.
For Security analysis of protocol proposed, we will use AVISPA and SPAN tools to verify the authentication and the secrecy. ...
Our protocol requires a PRNG (Pseud-Random Number Generator), a robust hash function and Biometric hash function. The Biometric hash function is used to optimize and to protect biometric data. ...
various techniques of validation (Model-checking, automate trees, resolution of constraints, Solver SAT). ...
doi:10.14569/ijacsa.2012.030411
fatcat:h4v5oykig5dr5mgp265nm7u5am
AVR: Abstractly Verifying Reachability
[chapter]
2020
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We present AVR, a push-button model checker for verifying state transition systems directly at the source-code level. ...
AVR uses information embedded in the word-level syntax of the design representation to automatically perform scalable model checking by combining a novel syntax-guided abstraction-refinement technique ...
-Bounded model checking (BMC) [15] allows for an alternative to the IC3+SA engine for quick bug hunting, especially for shallow bugs. ...
doi:10.1007/978-3-030-45190-5_23
fatcat:xk7elqf3zbcfdgftw7qedb4dtu
Deciding Security for Protocols with Recursive Tests
[chapter]
2011
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Formal methods have shown their usefulness for providing a careful security analysis in the case of standard authentication and confidentiality protocols. ...
We provide NPTIME decision procedures for protocols with recursive tests and for a bounded number of sessions. ...
[11, 18] ) in modeling security protocols. ...
doi:10.1007/978-3-642-22438-6_6
fatcat:xrudx3vc4reqndhoemawkd37va
Chosen-name Attacks: An Overlooked Class of Type-flaw Attacks
2008
Electronical Notes in Theoretical Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
In the context of Dolev-Yao style analysis of security protocols, we consider the capability of an intruder to dynamically choose and assign names to agents. ...
Several examples of protocols that are vulnerable to this type of attack are given, including Lowe's modification of KSL. The consequences for automatic verification tools are discussed. ...
Acknowledgement We thank Cas Cremers, David Basin, Kristian Gjøsteen, and Suzana Andova for discussions and helpful comments. ...
doi:10.1016/j.entcs.2007.12.015
fatcat:qc7tfikz5retdix4gnaxwnlmqq
The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
The AVANTSSAR Platform is an integrated toolset for the formal specification and automated validation of trust and security of service-oriented architectures and other applications in the Internet of Services ...
These include, most notably, a serious flaw in the SAML-based Single Sign-On for Google Apps (now corrected by Google as a result of our findings). ...
The SAT-based Model Checker is an open, flexible platform for SATbased bounded model checking of security services. ...
doi:10.1007/978-3-642-28756-5_19
fatcat:n7ktur2bdbaireqbiu42k4bqzq
« Previous
Showing results 1 — 15 out of 898 results