Results 1  10
of
14,560
Flow Logic for DolevYao Secrecy in Cryptographic Processes
, 2002
"... We introduce the SPIcalculus that strengthens the notion of "perfect symmetric cryptography" of the spicalculus by making encryption history dependent. We give our calculus an operational and a static semantics. The latter is a control ow analysis (CFA), defined in the form of a ow logic ..."
Abstract

Cited by 14 (4 self)
 Add to MetaCart
logic, and it is proved semantically correct. We then apply our CFA to check security properties; in particular, we show that secrecy à la DolevYao can be expressed in terms of the CFA.
Random polynomialtime attacks and DolevYao models
"... Keywords: Cryptographic protocols, random polynomial time, DolevYao model, Markov decision processes. 1 Introduction Proving the security of cryptographic protocols has been a major concern ever since flaws werefirst discovered in some established protocols, the most wellknown example being [20]. ..."
Abstract
 Add to MetaCart
Keywords: Cryptographic protocols, random polynomial time, DolevYao model, Markov decision processes. 1 Introduction Proving the security of cryptographic protocols has been a major concern ever since flaws werefirst discovered in some established protocols, the most wellknown example being [20
Random polynomialtime attacks and DolevYao models
 JOURNAL OF AUTOMATA, LANGUAGES AND COMBINATORICS
, 2005
"... In this paper we present an extension of DolevYao models for security protocols with a notion of random polynomialtime (Las Vegas) computability. First we notice that DolevYao models can be seen as transition systems, possibly infinite. We then extend these transition systems with computation tim ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
In this paper we present an extension of DolevYao models for security protocols with a notion of random polynomialtime (Las Vegas) computability. First we notice that DolevYao models can be seen as transition systems, possibly infinite. We then extend these transition systems with computation
A calculus for cryptographic protocols: The spi calculus
 Information and Computation
, 1999
"... We introduce the spi calculus, an extension of the pi calculus designed for the description and analysis of cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication protocols. The pi calculus (without extension) suffices for some abstract protocols; the ..."
Abstract

Cited by 919 (55 self)
 Add to MetaCart
We introduce the spi calculus, an extension of the pi calculus designed for the description and analysis of cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication protocols. The pi calculus (without extension) suffices for some abstract protocols
New Directions in Cryptography
, 1976
"... Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper sug ..."
Abstract

Cited by 3499 (7 self)
 Add to MetaCart
Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper
The DolevYao Intruder is the Most Powerful Attacker
 Proceedings of the Sixteenth Annual Symposium on Logic in Computer Science  LICS'01
, 2001
"... Most systems designed for the verification of security protocols operate under the unproved assumption that an attack can only result from the combination of a fixed number of message transformations, which altogether constitute the capabilities of the socalled DolevYao intruder. In this paper, we ..."
Abstract

Cited by 29 (1 self)
 Add to MetaCart
Most systems designed for the verification of security protocols operate under the unproved assumption that an attack can only result from the combination of a fixed number of message transformations, which altogether constitute the capabilities of the socalled DolevYao intruder. In this paper
NonMalleable Cryptography
 SIAM Journal on Computing
, 2000
"... The notion of nonmalleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so that the respective plaintexts are related. ..."
Abstract

Cited by 490 (21 self)
 Add to MetaCart
The notion of nonmalleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so that the respective plaintexts are related
Prudent Engineering Practice for Cryptographic Protocols
 Proc. IEEE Computer Society Symposium on Research in Security and Privacy
, 1994
"... We present principles for the design of cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have avoided a considerable number of published errors. Our principles are informal guidelines. They complem ..."
Abstract

Cited by 405 (17 self)
 Add to MetaCart
We present principles for the design of cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have avoided a considerable number of published errors. Our principles are informal guidelines
Complexity of Fairness Constraints for the DolevYao Attacker Model
"... Liveness properties do, in general, not hold in the DolevYao attacker model, unless we assume that certain communication channels are resilient, i.e. they do not lose messages. The resilient channels assumption can be seen as a fairness constraint for the DolevYao attacker model. Here we study th ..."
Abstract
 Add to MetaCart
Liveness properties do, in general, not hold in the DolevYao attacker model, unless we assume that certain communication channels are resilient, i.e. they do not lose messages. The resilient channels assumption can be seen as a fairness constraint for the DolevYao attacker model. Here we study
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
 IN 14TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP (CSFW14
, 2001
"... We present a new automatic cryptographic protocol verifier based on a simple representation of the protocol by Prolog rules, and on a new efficient algorithm that determines whether a fact can be proved from these rules or not. This verifier proves secrecy properties of the protocols. Thanks to its ..."
Abstract

Cited by 386 (11 self)
 Add to MetaCart
We present a new automatic cryptographic protocol verifier based on a simple representation of the protocol by Prolog rules, and on a new efficient algorithm that determines whether a fact can be proved from these rules or not. This verifier proves secrecy properties of the protocols. Thanks to its
Results 1  10
of
14,560