ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A logic of authentication
Full text PdfPdf (1.39 MB)
Source ACM Transactions on Computer Systems (TOCS) archive
Volume 8 ,  Issue 1  (February 1990) table of contents
Pages: 18 - 36  
Year of Publication: 1990
ISSN:0734-2071
Authors
Michael Burrows  Digital Equipment Corp., Palo Alto, CA
Martin Abadi  Digital Equipment Corp., Palo Alto, CA
Roger Needham  Univ. of Cambridge, Cambridge, UK
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 47,   Downloads (12 Months): 655,   Citation Count: 162
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/77648.77649
What is a DOI?

ABSTRACT

Authentication protocols are the basis of security in many distributed systems, and it is therefore essential to ensure that these protocols function correctly. Unfortunately, their design has been extremely error prone. Most of the protocols found in the literature contain redundancies or security flaws. A simple logic has allowed us to describe the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication. We have been able to explain a variety of authentication protocols formally, to discover subtleties and errors in them, and to suggest improvements. In this paper we present the logic and then give the results of our analysis of four published protocols, chosen either because of their practical importance or because they serve to illustrate our method.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
R. K. Bauer , T. A. Berson , R. J. Feiertag, A key distribution protocol using event markers, ACM Transactions on Computer Systems (TOCS), v.1 n.3, p.249-255, August 1983  [doi>10.1145/357369.357373]
 
2
Michael Burrows , Martín Abadi , Roger M. Needham, Authentication: A Practical Study in Belief and Action, Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning about Knowledge, p.325-342, March 01, 1988
 
3
BURROWS, M., ABADI, M., AND NEEDHAM, R.M. A logic of authentication. Rep. 39, Digital Equipment Corporation Systems Research Center, Palo Alto, Calif., Feb. 1989.
 
4
CCITT. CCITT draft recommendation X.509. The directory-authentication framework, version 7. CCITT, Gloucester, Nov. 1987.
5
Richard A. DeMillo , Nancy A. Lynch , Michael J. Merritt, Cryptographic protocols, Proceedings of the fourteenth annual ACM symposium on Theory of computing, p.383-400, May 05-07, 1982, San Francisco, California, United States  [doi>10.1145/800070.802214]
6
Dorothy E. Denning , Giovanni Maria Sacco, Timestamps in key distribution protocols, Communications of the ACM, v.24 n.8, p.533-536, Aug. 1981  [doi>10.1145/358722.358740]
 
7
DOLEV, D., AND YAO, A.C. On the security of public key protocols. IEEE Trans. Inf. Theory IT-29, 2 (Mar. 1983), 198-208.
8
Joseph Y. Halpern , Yoram Moses, Knowledge and common knowledge in a distributed environment, Proceedings of the third annual ACM symposium on Principles of distributed computing, p.50-61, August 27-29, 1984, Vancouver, British Columbia, Canada  [doi>10.1145/800222.806735]
9
Joseph Halpern , Yjoram Moses , Mark Tuttle, A knowledge-based analysis of zero knowledge, Proceedings of the twentieth annual ACM symposium on Theory of computing, p.132-147, May 02-04, 1988, Chicago, Illinois, United States  [doi>10.1145/62212.62224]
10
C. A. R. Hoare, An axiomatic basis for computer programming, Communications of the ACM, v.12 n.10, p.576-580, Oct. 1969  [doi>10.1145/363235.363259]
 
11
MERRITT, M. J., AND WOLPER, P.L. States of knowledge in cryptographic protocols. Draft.
 
12
Jonathan K. Millen , Sidney C. Clark , Sheryl B. Freeman, The interrogator: protocol security analysis, IEEE Transactions on Software Engineering, v.13 n.2, p.274-288, Feb. 1987  [doi>10.1109/TSE.1987.233151]
 
13
MILLER, S. P., NEUMAN, C., SCHILLER, J. I., AND SALTZER, J.H. Kerberos authentication and authorization system. In Project Athena Technical Plan, Sect. E.2.1. MIT, Cambridge, Mass., July 1987.
 
14
National Bureau of Standards. Data encryption standard. Fed. Inf. Process. Stand. Publ. 46. National Bureau of Standards, Washington, D.C., Jan. 1977.
15
Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978  [doi>10.1145/359657.359659]
16
Dave Otway , Owen Rees, Efficient and timely mutual authentication, ACM SIGOPS Operating Systems Review, v.21 n.1, p.8-10, Jan. 1987  [doi>10.1145/24592.24594]
17
R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]
18
M. Satyanarayanan, Integrating security in a large distributed system, ACM Transactions on Computer Systems (TOCS), v.7 n.3, p.247-280, Aug. 1989  [doi>10.1145/65000.65002]
19
Victor L. Voydock , Stephen T. Kent, Security Mechanisms in High-Level Network Protocols, ACM Computing Surveys (CSUR), v.15 n.2, p.135-171, June 1983  [doi>10.1145/356909.356913]

CITED BY  162
Nevin Heintze , J. D. Tygar, A Model for Secure Protocols and Their Compositions, IEEE Transactions on Software Engineering, v.22 n.1, p.16-30, January 1996
Thomas Y. C. Woo , Simon S. Lam, Authentication for Distributed Systems, Computer, v.25 n.1, p.39-52, January 1992
Alan Harbitter , Daniel A. Menascé, A methodology for analyzing the performance of authentication protocols, ACM Transactions on Information and System Security (TISSEC), v.5 n.4, p.458-491, November 2002
Armando Fox , Steven D. Gribble, Security on the move: indirect authentication using Kerberos, Proceedings of the 2nd annual international conference on Mobile computing and networking, p.155-164, November 1996, Rye, New York, United States
Paul F. Syverson, Adding time to a logic of authentication, Proceedings of the 1st ACM conference on Computer and communications security, p.97-101, November 03-05, 1993, Fairfax, Virginia, United States
Janice Glasgow , Glenn Macewen , Prakash Panangaden, A logic for reasoning about security, ACM Transactions on Computer Systems (TOCS), v.10 n.3, p.226-264, Aug. 1992
Peter Chapin , Christian Skalka , X. Sean Wang, Risk assessment in distributed authorization, Proceedings of the 2005 ACM workshop on Formal methods in security engineering, November 11-11, 2005, Fairfax, VA, USA
SangYeob Na , SuhHyun Cheon, Role delegation in role-based access control, Proceedings of the fifth ACM workshop on Role-based access control, p.39-44, July 26-28, 2000, Berlin, Germany
Liu Dongxi , Li Xiaoyong , Bai Yingcai, An attack-finding algorithm for security protocols, Journal of Computer Science and Technology, v.17 n.4, p.450-463, July 2002
Anthony Harrington , Christian Jensen, Cryptographic access control in a distributed file system, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy
Joshua D. Guttman , F. Javier Thayer , Lenore D. Zuck, The faithfulness of abstract protocol analysis: message authentication, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
Geng-Sheng Kuo , Jing-Pei Lin, New design concepts for an intelligent Internet, Communications of the ACM, v.41 n.11, p.93-98, Nov. 1998
Yongxing Sun , Xinmei Wang, An approach to finding the attacks on the cryptographic protocols, ACM SIGOPS Operating Systems Review, v.34 n.3, p.19-28, July 2000
John C. Mitchell, Programming language methods in computer security, ACM SIGPLAN Notices, v.36 n.3, p.1-26, March 2001
Alan Harbitter , Daniel A. Menascé, The performance of public key-enabled kerberos authentication in mobile computing applications, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
Carl A. Gunter , Trevor Jim, Generalized certificate revocation, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.316-329, January 19-21, 2000, Boston, MA, USA
Dan S. Wallach , Andrew W. Appel , Edward W. Felten, SAFKASI: a security mechanism for language-based systems, ACM Transactions on Software Engineering and Methodology (TOSEM), v.9 n.4, p.341-378, Oct. 2000
P. Lincoln , J. Mitchell , M. Mitchell , A. Scedrov, A probabilistic poly-time framework for protocol analysis, Proceedings of the 5th ACM conference on Computer and communications security, p.112-121, November 02-05, 1998, San Francisco, California, United States
Yasuyuki Tahara , Akihiko Ohsuga , Shinichi Honiden, Mobile agent security with the IPEditor development tool and the mobile UNITY language, Proceedings of the fifth international conference on Autonomous agents, p.656-662, May 2001, Montreal, Quebec, Canada
Dominique Bolignano, An approach to the formal verification of cryptographic protocols, Proceedings of the 3rd ACM conference on Computer and communications security, p.106-118, March 14-15, 1996, New Delhi, India
Hung-Yu Lin , Lein Harn, Authentication protocols for personal communication systems, ACM SIGCOMM Computer Communication Review, v.25 n.4, p.256-261, Oct. 1995
Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM SIGOPS Operating Systems Review, v.25 n.5, p.165-182, Oct. 1991
Jeannette M. Wing , Mandana Vaziri-Farahani, Model checking software systems: a case study, ACM SIGSOFT Software Engineering Notes, v.20 n.4, p.128-139, Oct. 1995
Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM Transactions on Computer Systems (TOCS), v.10 n.4, p.265-310, Nov. 1992
Se Hyun Park , Aura Ganz , Zvi Ganz, Security protocol for IEEE 802.11 wireless local area network, Mobile Networks and Applications, v.3 n.3, p.237-246, Sept. 1998
Nick Feamster , Hari Balakrishnan, Towards a logic for wide-area Internet routing, ACM SIGCOMM Computer Communication Review, v.33 n.4, October 2003
Mihir Bellare , Phillip Rogaway, Provably secure session key distribution: the three party case, Proceedings of the twenty-seventh annual ACM symposium on Theory of computing, p.57-66, May 29-June 01, 1995, Las Vegas, Nevada, United States
Joseph Y. Halpern , Riccardo Pucella, On the relationship between strand spaces and multi-agent systems, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
Luigia Carlucci Aiello , Fabio Massacci, Verifying security protocols as planning in logic programming, ACM Transactions on Computational Logic (TOCL), v.2 n.4, p.542-580, Oct. 2001
Azzedine Boukerche, Security and fraud detection in mobile and wireless networks, Handbook of wireless networks and mobile computing, John Wiley & Sons, Inc., New York, NY, 2002
Chiara Bodei , Pierpaolo Degano , Riccardo Focardi , Corrado Priami, Primitives for authentication in process algebras, Theoretical Computer Science, v.283 n.2, p.271-304, June 14, 2002
Li Gong, New protocols for third-party-based authentication and secure broadcast, Proceedings of the 2nd ACM Conference on Computer and communications security, p.176-183, November 1994, Fairfax, Virginia, United States
V. Bharghavan, Secure wireless LANs, Proceedings of the 2nd ACM Conference on Computer and communications security, p.10-17, November 1994, Fairfax, Virginia, United States
Paul van Oorschot, Extending cryptographic logics of belief to key agreement protocols, Proceedings of the 1st ACM conference on Computer and communications security, p.232-243, November 03-05, 1993, Fairfax, Virginia, United States
Mohamed G. Gouda , Chin-Tser Huang, A secure address resolution protocol, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.41 n.1, p.57-71, 15 January 2003
Joshua D. Guttman , F. Javier Thayer , Lenore D. Zuck, The faithfulness of abstract protocol analysis: message authentication, Journal of Computer Security, v.12 n.6, p.865-891, December 2004
Daniel Barbará , Tomasz Imieliński, Sleepers and workaholics: caching strategies in mobile environments (extended version), The VLDB Journal — The International Journal on Very Large Data Bases, v.4 n.4, October 1995
Tom Anderson , Scott Shenker , Ion Stoica , David Wetherall, Design guidelines for robust Internet protocols, ACM SIGCOMM Computer Communication Review, v.33 n.1, p.125-130, January 2003
Jinghua Wen , Mei Zhang , Xiang Li, The study on the application of BAN logic in formal analysis of authentication protocols, Proceedings of the 7th international conference on Electronic commerce, August 15-17, 2005, Xi'an, China
Wiebe van der Hoek , Alessio Lomuscio, Ignore at your peril - towards a logic for ignorance, Proceedings of the second international joint conference on Autonomous agents and multiagent systems, July 14-18, 2003, Melbourne, Australia
Olivier Pereira , Jean-Jacques Quisquater, Some attacks upon authenticated group key agreement protocols, Journal of Computer Security, v.11 n.4, p.555-580, 01/01/2004
Nancy Durgin , John Mitchell , Dusko Pavlovic, A compositional logic for proving security properties of protocols, Journal of Computer Security, v.11 n.4, p.677-721, 01/01/2004
Lily B. Mummert , Jeannette M. Wing , M. Satyanarayanan, Using belief to reason about cache coherence, Proceedings of the thirteenth annual ACM symposium on Principles of distributed computing, p.71-80, August 14-17, 1994, Los Angeles, California, United States
Farhad Arbab , Marcello M. Bonsangue , Frank S. de Boer, A coordination language for mobile components, Proceedings of the 2000 ACM symposium on Applied computing, p.166-173, March 2000, Como, Italy
Edward D. Lazowska, Recent trends in experimental operating systems research, Proceedings of the twelfth annual ACM symposium on Principles of distributed computing, p.13-19, August 15-18, 1993, Ithaca, New York, United States
Aviel D. Rubin, Extending NCP for protocols using public keys, Mobile Networks and Applications, v.2 n.3, p.227-241, Dec. 1997
Jian Yin , Jean-Philippe Martin , Arun Venkataramani , Lorenzo Alvisi , Mike Dahlin, Separating agreement from execution for byzantine fault tolerant services, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
M. Satyanarayanan, Roger Needham, 1935-2003, IEEE Pervasive Computing, v.2 n.2, p.2-3, April 2003
James W. Gray, III, Report on the computer security foundations workshop VI, ACM SIGSAC Review, v.11 n.4, p.4-6, Oct. 1993
Paul Syverson , Catherine Meadows, A Formal Language for Cryptographic Protocol Requirements, Designs, Codes and Cryptography, v.7 n.1-2, p.27-59, Jan. 1996
Catherine Meadows, Ordering from Satan's menu: a survey of requirements specification for formal analysis of cryptographic protocols, Science of Computer Programming, v.50 n.1-3, p.3-22, March 2004
R. Guha , Ravi Kumar , Prabhakar Raghavan , Andrew Tomkins, Propagation of trust and distrust, Proceedings of the 13th international conference on World Wide Web, May 17-20, 2004, New York, NY, USA
Marianne Winslett , Charles C. Zhang , Piero A. Bonatti, PeerAccess: a logic for distributed authorization, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
Chang N. Zhang , Chunren Lai, A systematic approach for encryption and authentication with fault tolerance, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.45 n.2, p.143-154, 5 June 2004
Yuqing Zhang , Xiuying Liu, An approach to the formal verification of the three-principal cryptographic protocols, ACM SIGOPS Operating Systems Review, v.38 n.1, p.35-42, January 2004
Ahmed Abdo Ali, Security design for a new local area network AULWLAN, Proceedings of the 4th international conference conference on Computer systems and technologies: e-Learning, p.19-25, June 19-20, 2003, Rousse, Bulgaria
G. Leduc , O. Bonaventure , L. Léonard , E. Koerner , C. Pecheur, Model-Based Verification of a Security Protocol for Conditional Access to Services, Formal Methods in System Design, v.14 n.2, p.171-191, March 1999
Joseph Y. Halpern , Riccardo Pucella, On the relationship between strand spaces and multi-agent systems, ACM Transactions on Information and System Security (TISSEC), v.6 n.1, p.43-70, February 2003
Nancy Durgin , Patrick Lincoln , John Mitchell , Andre Scedrov, Multiset rewriting and the complexity of bounded security protocols, Journal of Computer Security, v.12 n.2, p.247-311, May 2004
Levente Buttyán , István Vajda, Towards provable security for ad hoc routing protocols, Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks, October 25-25, 2004, Washington DC, USA
Phan Minh Dung , Phan Minh Thang, Stepwise development of security protocols: a speech act-oriented approach, Proceedings of the 2004 ACM workshop on Formal methods in security engineering, October 29-29, 2004, Washington DC, USA
Hongbin Zhou , Simon N. Foley, Fast automatic synthesis of security protocols using backward search, Proceedings of the 2003 ACM workshop on Formal methods in security engineering, p.1-10, October 30, 2003, Washington, D.C.
Bogdan C. Popescu , Bruno Crispo , Andrew S. Tanenbaum , Frank L.A.J. Kamperman, A DRM security architecture for home networks, Proceedings of the 4th ACM workshop on Digital rights management, October 25-25, 2004, Washington DC, USA
Panagiotis Louridas, Some guidelines for non-repudiation protocols, ACM SIGCOMM Computer Communication Review, v.30 n.5, October 2000
Rajashekar Kailar, Accountability in Electronic Commerce Protocols, IEEE Transactions on Software Engineering, v.22 n.5, p.313-328, May 1996
Li Botao , Luo Junzhou, On timeliness of a fair non-repudiation protocol, Proceedings of the 3rd international conference on Information security, November 14-16, 2004, Shanghai, China
R. Corin , S. Etalle , P. H. Hartel , A. Mader, Timed model checking of security protocols, Proceedings of the 2004 ACM workshop on Formal methods in security engineering, October 29-29, 2004, Washington DC, USA
Yi Deng , Jiacun Wang , Jeffrey J. P. Tsai , Konstantin Beznosov, An Approach for Modeling and Analysis of Security System Architectures, IEEE Transactions on Knowledge and Data Engineering, v.15 n.5, p.1099-1119, September 2003
Hongbin Zhou , Simon N. Foley, A collaborative approach to autonomic security protocols, Proceedings of the 2004 workshop on New security paradigms, September 20-23, 2004, Nova Scotia, Canada
Churn-Jung Liau, Belief, information acquisition, and trust in multi-agent systems: a modal logic formulation, Artificial Intelligence, v.149 n.1, p.31-60, September 2003
Mark D. Corner , Brian D. Noble, Protecting applications with transient authentication, Proceedings of the 1st international conference on Mobile systems, applications and services, p.57-70, May 05-08, 2003, San Francisco, California
Feng Zhu , Matt Mutka , Lionel Ni, Facilitating secure ad hoc service discovery in public environments, Journal of Systems and Software, v.76 n.1, p.45-54, April 2005
C. Bodei , P. Degano , R. Focardi , C. Priami, Authentication primitives for secure protocol specifications, Future Generation Computer Systems, v.21 n.5, p.645-653, May 2005
Reiner Dojen , Tom Coffey, The concept of layered proving trees and its application to the automation of security protocol verification, ACM Transactions on Information and System Security (TISSEC), v.8 n.3, p.287-311, August 2005
R. Ramanujam , S. P. Suresh, Deciding knowledge properties of security protocols, Proceedings of the 10th conference on Theoretical aspects of rationality and knowledge, June 10-12, 2005, Singapore
Amitanand S. Aiyer , Lorenzo Alvisi , Allen Clement , Mike Dahlin , Jean-Philippe Martin , Carl Porth, BAR fault tolerance for cooperative services, ACM SIGOPS Operating Systems Review, v.39 n.5, December 2005
Changhua He , Mukund Sundararajan , Anupam Datta , Ante Derek , John C. Mitchell, A modular correctness proof of IEEE 802.11i and TLS, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
Rui Xue , Deng-Guo Feng, New semantic model for authentication protocols in ASMs, Journal of Computer Science and Technology, v.19 n.4, p.555-563, July 2004
Mark D. Corner , Brian D. Noble, Zero-interaction authentication, Proceedings of the 8th annual international conference on Mobile computing and networking, September 23-28, 2002, Atlanta, Georgia, USA
Chiara Bodei , Mikael Buchholtz , Pierpaolo Degano , Flemming Nielson , Hanne Riis Nielson, Static validation of security protocols, Journal of Computer Security, v.13 n.3, p.347-390, May 2005
Anupam Datta , Ante Derek , John C. Mitchell , Dusko Pavlovic, A derivation system and compositional logic for security protocols, Journal of Computer Security, v.13 n.3, p.423-482, May 2005
John C. Mitchell , Ajith Ramanathan , Andre Scedrov , Vanessa Teague, A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols, Theoretical Computer Science, v.353 n.1, p.118-164, 14 March 2006
Issam Al-Azzoni , Douglas G. Down , Ridha Khedri, Modeling and verification of cryptographic protocols using coloured petri nets and design/CPN, Nordic Journal of Computing, v.12 n.3, p.201-228, September 2005
Norihiro Kamide, Linear and affine logics with temporal, spatial and epistemic operators, Theoretical Computer Science, v.353 n.1, p.165-207, 14 March 2006
Joshua D. Guttman , F. Javier Thayer, Authentication tests and the structure of bundles, Theoretical Computer Science, v.283 n.2, p.333-380, June 14, 2002
Ji Ma , Mehmet A. Orgun, Formalising theories of trust for authentication protocols, Information Systems Frontiers, v.10 n.1, p.19-32, March 2008
Anupam Datta , Ante Derek , John C. Mitchell , Arnab Roy, Protocol Composition Logic (PCL), Electronic Notes in Theoretical Computer Science (ENTCS), 172, p.311-358, April, 2007
Mark D. Corner , Brian D. Noble, Protecting file systems with transient authentication, Wireless Networks, v.11 n.1-2, p.7-19, January 2005
Michael Backes , Peeter Laud, Computationally sound secrecy proofs by mechanized flow analysis, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Qingfeng Chen , Chengqi Zhang , Shichao Zhang, ENDL: A Logical Framework for Verifying Secure Transaction Protocols, Knowledge and Information Systems, v.7 n.1, p.84-109, January 2005
Jürgen Nehmer , Martin Becker , Arthur Karshmer , Rosemarie Lamm, Living assistance systems: an ambient intelligence approach, Proceeding of the 28th international conference on Software engineering, May 20-28, 2006, Shanghai, China
C. J. F. Cremers , S. Mauw , E. P. de Vink, Injective synchronisation: an extension of the authentication hierarchy, Theoretical Computer Science, v.367 n.1, p.139-161, 24 November 2006
Sebastian Nanz , Chris Hankin, A framework for security analysis of mobile wireless networks, Theoretical Computer Science, v.367 n.1, p.203-227, 24 November 2006
R. Ramanujam , S. P. Suresh, A (restricted) quantifier elimination for security protocols, Theoretical Computer Science, v.367 n.1, p.228-256, 24 November 2006
Shahabuddin Muhammad , Zeeshan Furqan , Ratan K. Guha, Understanding the intruder through attacks on cryptographic protocols, Proceedings of the 44th annual southeast regional conference, March 10-12, 2006, Melbourne, Florida
Andrea Bottoni , Gianluca Dini, Improving authentication of remote card transactions with mobile personal trusted devices, Computer Communications, v.30 n.8, p.1697-1712, June, 2007
Bogdan C. Popescu , Bruno Crispo , Andrew S. Tanenbaum , Arno Bakker, Design and implementation of a secure wide-area object middleware, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.10, p.2484-2513, July, 2007
Aaron B. Brown , Anupam Chanda , Rik Farrow , Alexandra Fedorova , Petros Maniatis , Michael L. Scott, The many faces of systems research: and how to evaluate them, Proceedings of the 10th conference on Hot Topics in Operating Systems, p.26-26, June 12-15, 2005, Santa Fe, NM
Christoffer Rosenkilde Nielsen , Flemming Nielson , Hanne Riis Nielson, Cryptographic Pattern Matching, Electronic Notes in Theoretical Computer Science (ENTCS), 168, p.91-107, February, 2007
Darrell Kindred , Jeannette M. Wing, Fast, automatic checking of security protocols, Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce, p.5-5, November 18-21, 1996, Oakland, California
Randall W. Lichota , Grace L. Hammonds , Stephen H. Brackin, Verifying cryptographic protocols for electronic commerce, Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce, p.6-6, November 18-21, 1996, Oakland, California
Tage Stabell-Kulø , Ronny Arild , Per Harald Myrvang, Providing authentication to messages signed with a smart card in hostile environments, Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, p.11-11, May 10-11, 1999, Chicago, Illinois
Lei Tang, A set of protocols for micropayments in distributed systems, Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce, p.8-8, July 11-12, 1995, New York, New York
Cas Cremers, On the protocol composition logic PCL, Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan
P.C. van Oorschot , Tao Wan , Evangelos Kranakis, On interdomain routing security and pretty secure BGP (psBGP), ACM Transactions on Information and System Security (TISSEC), v.10 n.3, p.11-es, July 2007
Youssef Hanna , Hridesh Rajan , Wensheng Zhang, Slede: a domain-specific verification framework for sensor network security protocol implementations, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA
Mirosław Kurkowski , Marian Srebrny, A Quantifier-free First-order Knowledge Logic of Authentication, Fundamenta Informaticae, v.72 n.1-3, p.263-282, January 2006
Krishnan G. Indiradevi , V. S. Suku Nair, Simulation Based Validation Of Authentication Protocols, Journal of Integrated Design & Process Science, v.8 n.4, p.79-98, December 2004
Zhi-Jia Tzeng , Wen-Guey Tzeng, Authentication of Mobile Users in Third Generation Mobile Systems, Wireless Personal Communications: An International Journal, v.16 n.1, p.35-50, January 2001
Yuqing Zhang , Jihong Li , Guozhen Xiao, An approach to the formal verification of the two-party cryptographic protocols, ACM SIGOPS Operating Systems Review, v.33 n.4, p.48-51, Oct. 1999
Axel van Lamsweerde, Elaborating Security Requirements by Construction of Intentional Anti-Models, Proceedings of the 26th International Conference on Software Engineering, p.148-157, May 23-28, 2004
Gianluigi Ferrari , C. Montangero , L. Semini , S. Semprini, Mark, a Reasoning Kit for Mobility, Automated Software Engineering, v.9 n.2, p.137-150, April 2002
Shouhuai Xu , Gendu Zhang , Hong Zhu, On the properties of cryptographic protocols and the weaknesses of the BAN-like logics, ACM SIGOPS Operating Systems Review, v.31 n.4, p.12-23, Oct. 1997
Yuqing Zhang , Chunling Wang , Jianping Wu , Xing Li, Using SMV for cryptographic protocol analysis: a case study, ACM SIGOPS Operating Systems Review, v.35 n.2, p.43-50, April 2001
Atle Refsdal , Ketil Stølen, Extending UML Sequence Diagrams to Model Trust-dependent Behavior With the Aim to Support Risk Analysis, Electronic Notes in Theoretical Computer Science (ENTCS), v.197 n.2, p.15-29, February, 2008
Paul F. Syverson, A new look at an old protocol, ACM SIGOPS Operating Systems Review, v.30 n.3, p.1-4, July 1996
Chiara Bodei , Pierpaolo Degano , Han Gao , Linda Brodo, Detecting and Preventing Type flaws: a Control Flow Analysis with Tags, Electronic Notes in Theoretical Computer Science (ENTCS), v.194 n.1, p.3-22, November, 2007
Armin Liebl, Authentication in distributed systems: a bibliography, ACM SIGOPS Operating Systems Review, v.27 n.4, p.31-41, Oct. 1993
Thomas Y. C. Woo , Simon S. Lam, A lesson on authentication protocol design, ACM SIGOPS Operating Systems Review, v.28 n.3, p.24-37, July 1994
Paul Syverson, On key distribution protocols for repeated authentication, ACM SIGOPS Operating Systems Review, v.27 n.4, p.24-30, Oct. 1993
Fabio Massacci , Laura Marraro, Logical Cryptanalysis as a SAT Problem, Journal of Automated Reasoning, v.24 n.1-2, p.165-203, February 2000
Srividhya Subramanian , Mukesh Singhal, A secure, real-time stock market protocol, Netnomics, v.2 n.3, p.221-245, September 2000
Aslan Askarov , Daniel Hedin , Andrei Sabelfeld, Cryptographically-masked flows, Theoretical Computer Science, v.402 n.2-3, p.82-101, August, 2008
Tzong-Chen Wu , Thsia-Tzu Huang , Chien-Lung Hsu , Kuo-Yu Tsai, Recursive protocol for group-oriented authentication with key distribution, Journal of Systems and Software, v.81 n.7, p.1227-1239, July, 2008
Amir Herzberg , Igal Yoffe, The layered games framework for specifications and analysis of security protocols, International Journal of Applied Cryptography, v.1 n.2, p.144-159, November 2008
Denis Trcek , Roman Trobec , Nikola Pavesic , J. F. Tasic, Information systems security and human behaviour, Behaviour & Information Technology, v.26 n.2, p.113-118, March 2007
David L. Tennenhouse , David J. Wetherall, Towards an active network architecture, ACM SIGCOMM Computer Communication Review, v.37 n.5, October 2007
Ron van der Meyden , Thomas Wilke, Preservation of epistemic properties in security protocol implementations, Proceedings of the 11th conference on Theoretical aspects of rationality and knowledge, June 25-27, 2007, Brussels, Belgium
Sabina Petride , Riccardo Pucella, Perfect cryptography, S5 knowledge, and algorithmic knowledge, Proceedings of the 11th conference on Theoretical aspects of rationality and knowledge, June 25-27, 2007, Brussels, Belgium
Arjan J. Mooij, Constructing and Reasoning About Security Protocols Using Invariants, Electronic Notes in Theoretical Computer Science (ENTCS), 201, p.99-126, March, 2008
Shu-Chuan Chao , Kuanchin Chen , Chien-Hua Lin, Capturing industry experience for an effective information security assessment, International Journal of Information Systems and Change Management, v.1 n.4, p.421-438, January 2006
Gizela Jakubowska , Wojciech Penczek, Modelling and Checking Timed Authentication of Security Protocols, Fundamenta Informaticae, v.79 n.3-4, p.363-378, August 2007
Alessio Lomuscio , Franco Raimondi , Bożena Woźna, Verification of the TESLA protocol in MCMAS-X, Fundamenta Informaticae, v.79 n.3-4, p.473-486, August 2007
R. Corin , S. Etalle , P. H. Hartel , A. Mader, Timed analysis of security protocols, Journal of Computer Security, v.15 n.6, p.619-645, December 2007
Christian Skalka , X. Sean Wang , Peter Chapin, Risk management for distributed authorization, Journal of Computer Security, v.15 n.4, p.447-489, September 2007
Gergely Acs , Levente Buttyan , Istvan Vajda, Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks, IEEE Transactions on Mobile Computing, v.5 n.11, p.1533-1546, November 2006
Qingfeng Chen , Shichao Zhang , Yi-Ping Phoebe Chen, Rule-based dependency models for security protocol analysis, Integrated Computer-Aided Engineering, v.15 n.4, p.369-380, December 2008
Nabil El Kadhi , Hazem El-Gendy, Advanced method for cryptographic protocol verification, Journal of Computational Methods in Sciences and Engineering, v.6 n.5,6 Supplement 1, p.109-119, April 2006
Cas J.F. Cremers, Unbounded verification, falsification, and characterization of security protocols by pattern refinement, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Atle Refsdal , Ketil Stølen, Extending UML sequence diagrams to model trust-dependent behavior with the aim to support risk analysis, Science of Computer Programming, v.74 n.1-2, p.34-42, December, 2008
Anthony J. Nicholson , Mark D. Corner , Brian D. Noble, Mobile Device Security Using Transient Authentication, IEEE Transactions on Mobile Computing, v.5 n.11, p.1489-1502, November 2006
Chun-Ta Li , Min-Shiang Hwang , Yen-Ping Chu, Further improvement on a novel privacy preserving authentication and access control scheme for pervasive computing environments, Computer Communications, v.31 n.18, p.4255-4258, December, 2008
Peter C. Chapin , Christian Skalka , X. Sean Wang, Authorization in trust management: Features and foundations, ACM Computing Surveys (CSUR), v.40 n.3, p.1-48, August 2008
Gabriele Lenzini, Design of Architectures for Proximity-aware Services: Experiments in Context-based Authentication with Subjective Logic, Electronic Notes in Theoretical Computer Science (ENTCS), 236, p.47-64, April, 2009
Indrakshi Ray , Indrajit Ray , Sudip Chakraborty, An interoperable context sensitive model of trust, Journal of Intelligent Information Systems, v.32 n.1, p.75-104, February 2009
Wen-Shenq Juang , Jing-Lin Wu, Two efficient two-factor authenticated key exchange protocols in public wireless LANs, Computers and Electrical Engineering, v.35 n.1, p.33-40, January, 2009
Wouter Teepe, On BAN logic and hash functions or: how an unjustified inference rule causes problems, Autonomous Agents and Multi-Agent Systems, v.19 n.1, p.76-88, August 2009
Mehmet A. Orgun , Guido Governatori , Chuchang Liu, Modal tableaux for verifying stream authentication protocols, Autonomous Agents and Multi-Agent Systems, v.19 n.1, p.53-75, August 2009
Yaohui Lei , Alejandro Quintero , Samuel Pierre, Mobile services access and payment through reusable tickets, Computer Communications, v.32 n.4, p.602-610, March, 2009
Chin-Chen Chang , Chia-Yin Lee , Yen-Chang Chiu, Enhanced authentication scheme with anonymity for roaming service in global mobility networks, Computer Communications, v.32 n.4, p.611-618, March, 2009
Vladimir Paşca , Anca Jurcuţ , Reiner Dojen , Tom Coffey, Determining a parallel session attack on a key distribution protocol using a model checker, Proceedings of the 6th International Conference on Advances in Mobile Computing and Multimedia, November 24-26, 2008, Linz, Austria
Aaron Hunter , James P. Delgrande, Belief change and cryptographic protocol verification, Proceedings of the 22nd national conference on Artificial intelligence, p.427-433, July 22-26, 2007, Vancouver, British Columbia, Canada
Kai-Le Su , Qing-Liang Chen , Abdul Sattar , Wei-Ya Yue , Guan-Feng Lv , Xi-Zhong Zheng, Verification of authentication protocols for epistemic goals via SAT compilation, Journal of Computer Science and Technology, v.21 n.6, p.932-943, November 2006
Alessio Lomuscio , Wojciech Penczek, LDYIS: a Framework for Model Checking Security Protocols, Fundamenta Informaticae, v.85 n.1-4, p.359-375, September 2008
Roger M. Needham, Authentication, Encyclopedia of Computer Science, 4th edition, John Wiley and Sons Ltd., Chichester, 2003
Jared Cordasco , Susanne Wetzel, An attacker model for MANET routing security, Proceedings of the second ACM conference on Wireless network security, March 16-19, 2009, Zurich, Switzerland
Wen-Shenq Juang , Jing-Lin Wu, Robust and efficient authenticated key agreement in mobile communications, International Journal of Mobile Communications, v.7 n.5, p.562-579, April 2009
Jonathan Millen, Rewriting Techniques in the Constraint Solver, Electronic Notes in Theoretical Computer Science (ENTCS), 234, p.77-91, March, 2009
He Rongyu , Zhao Guolei , Chang Chaowen , Xie Hui , Qin Xi , Qin Zheng, A PK-SIM card based end-to-end security framework for SMS, Computer Standards & Interfaces, v.31 n.4, p.629-641, June, 2009
Jingwei Huang , David Nicol, A calculus of trust and its application to PKI and identity management, Proceedings of the 8th Symposium on Identity and Trust on the Internet, April 14-16, 2009, Gaithersburg, Maryland
Hsia-Hung Ou , Iuon-Chang Lin , Min-Shiang Hwang , Jinn-Ke Jan, TK-AKA: using temporary key on authentication and key agreement protocol on UMTS, International Journal of Network Management, v.19 n.4, p.291-303, July 2009
Kaile Su , Abdul Sattar , Guanfeng Lv , Yan Zhang, Variable forgetting in reasoning about knowledge, Journal of Artificial Intelligence Research, v.35 n.1, p.677-716, May 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.2 Network Protocols
          Subjects: Protocol verification

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Cryptographic controls; Authentication

  F. Theory of Computation
  F.3 LOGICS AND MEANINGS OF PROGRAMS


General Terms:
Security, Theory, Verification

Collaborative Colleagues:
Michael Burrows: colleagues
Martin Abadi: colleagues
Roger Needham: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player