|
| |
| | Analyzing cryptographic protocols |
 | | In the state machine approach, a cryptographic protocol is treated as any other computer program and an attempt is made to prove correctness. | | | With this method, the protocol is modeled as an algebraic system, where the state is expressed as the participants' knowledge about the protocol, and where different states' attainability is analyzed. | | | Abadi and Needham, 1994] it is given eleven design principals when designing cryptographic protocols; among those are the fact that every message should say what it means, and that the protocol designer should know which trust relations his protocol depends on, and why the dependency is necessary. |
|
http://www.pasta.cs.uit.no/thesis/html/ronnya/node30.html
(693 words)
|
|
| |
| | Lewis Robart M.Sc Abstract |
| | Cryptographic protocols may contain flaws or weaknesses; efficient and effective means of analyzing these protocols are required. | | | Comparisons between protocols based on private-key and public-key cryptosystems are also presented, to aid designers in determining the appropriate cryptographic algorithm to use in specific instances. | | | Cryptographic protocols, utilizing cryptographic algorithms, are used to address security issues in PCS, such as privacy and authentication. |
|
http://adonis.ee.queensu.ca/pn/robart_thesis_abs.html
(300 words)
|
|
| |
| | CRYPTO Publications |
| | The NRL Protocol Analyzer is a special-purpose verification tool, written in Prolog, that has been developed for the analysis of cryptographic protocols that are used to authenticate principals and services and distribute keys in a network. | | | The NRL Protocol Analyzer is a prototype special-purpose verification tool, written in Prolog, that has been developed for the analysis of cryptographic protocols that are used to authenticate principals and services and distribute keys in a network. | | | In this paper we develop a model of computation for the NRL Protocol Analyzer by modifying and extending the model of computation for Burroughs, Abadi, and Needham (BAN) logic developed by Abadi and Tuttle. |
|
http://chacs.nrl.navy.mil/publications/CHACS/CRYPTOindex.html
(6521 words)
|
|
| |
| | Security Protocols over Open Networks and Distributed Systems: Formal Methods for their Analysis, Design, and ... |
| | After the discovery of flaws in a protocol, the flaws are often corrected or approaches are being adopted to avoid using the reasoning of the flawed protocols [4]. | | | The NRL Protocol Analyzer has been used successfully to locate a series of previously unknown flaws in a number of protocols [45] [46], and to demonstrate flaws that were already known in the literature [47]. | | | CAPSL is proposed as a single common protocol specification language that can be used as the input format for any formal analysis technique, such as Prolog state-search analysis tools [18], the NRL Protocol Analyzer [16] [17], model-checking with FDR [15], and HOL [8]. |
|
http://www.dmst.aueb.gr/dds/pubs/jrnl/1997-CompComm-Formal/html/formal.htm
(11061 words)
|
|
| |
| | Dagstuhl Seminar 01391 "Specification and Analysis of Secure Cryptographic Protocols" (September, 23-28, 2001) |
| | Natural candidates for a classification scheme are: synchronous versus asynchronous communication, complexity, decidability, practicability, which class of cryptographic protocols can be modelled (point-to-point, group communication, etc.), which cryptographic and other computations are supported, which analysis techniques are supported, and what is the scope, extensibility, and reusability of the modelling formalism. | | | Regarding (2), currently many different techniques are used for modelling, e.g., event-based approaches using knowledge and belief logic abstractions, agent-based approaches modelling protocol processes using multiset rewriting, process algebra based approaches, and the strand space approach. | | | Moreover, their complexity is steadily increasing and it is nontrivial to compose or extend smaller protocols to more complex ones. |
|
http://www.csl.sri.com/users/denker/dagstuhl/topics.html
(654 words)
|
|
| |
| | Csur - C cryptographic protocols analyzer |
| | Csur is a project about automatic analysis of cryptographic protocols written in C. Csur uses a new hybrid analysis of C code: programs represent roles of agents in protocols and a static analysis computes message exchange between agents of protocols. | | | is the analyzer and performs cryptographic protocols analysis. | | | Static analysis, abstract interpretation, C code analysis, pointer analysis, cryptographic protocols analysis, cryptographic protocols analyzer, Horn clauses, First order logic. |
|
http://www.lsv.ens-cachan.fr/csur
(681 words)
|
|
| |
| | Cryptographic protocols |
| | On the properties of cryptographic protocols and the weaknesses of the BAN-like logics. | | | Questions of belief are essential in analyzing protocols for authentication in distributed computing systems. | | | We then present a logic that adds temporal formalisms to AT and that is rich enough to reveal the flaws in the presented protocol; nonetheless, this logic is sound with respect to the same semantics that was given in [AT91]. |
|
http://www.di.ens.fr/~monniaux/biblio/protocols.html
(1804 words)
|
|
| |
| | Cryptographic Polling Protocols |
| | The authors maintain that the simplest of their protocols does not require computations on the part of the voter that are outside ``the range of normal human ability.'' However, the more complex protocols that have fewer requirements for trusting election authorities would require the voter to bring a personal computing device into the voting booth. | | | In the Two Agency Protocol developed by Nurmi, Salomaa, and Santean [15], the responsibilities of validating registered voters and computing and publishing the results of the election are divided between two agencies, as in the simplistic scheme. | | | Chaum proposed the first published cryptographic voting protocol in a 1981 paper on anonymous electronic mail and digital pseudonyms [3]. |
|
http://lorrie.cranor.org/voting/sensus/ssp/node12.html
(1321 words)
|
|
| |
| | CIS 6930 Cryptographic Protocols |
| | An authentication protocol is an exchange of messages having a specific form for authentication of principals using cryptographic algorithms. | | | Any logic-based method to analyze an authentication protocol will try to derive these two levels of beliefs in order to state that the authentication protocol is flawless. | | | But in fact there is a flaw in NSSK protocol that couldn’t be discovered by BAN analysis because of the dubious assumption. |
|
http://www.cise.ufl.edu/~nemo/crypto/giri.htm
(1679 words)
|
|
| |
| | Cryptology ePrint Archive |
| | A salient property of definitions that follow this paradigm is that they guarantee security even when the analyzed protocol runs alongside an unbounded number of unknown (even maliciously designed) protocols, or more generally when the protocol is used as a component of an arbitrary distributed system. | | | This property is essential for maintaining security of cryptographic protocols in complex and unpredictable environments, such as the global Internet. | | | We formulate a general framework that allows writing universally composable definitions of security for practically any cryptographic task. |
|
http://eprint.iacr.org/2000/067
(294 words)
|
|
| |
| | Network Security: Zero Knowledge and Small Systems |
| | The same problems are used as the security base of public key protocols, so if an easy solution to any of these problems is found, large groups of cryptographic protocols become obsolete overnight (over a microsecond, you'd better think). | | | Another possible solution would be to use symmetric-key cryptography protocols (which have relatively small computational and memory requirements), with designed-in features for the eventual loss of key secrecy through reverse engineering. | | | This attack is possible on other protocols too, but because this protocol uses a relatively weak single round, the possibility of this attack succeeding might make it a real danger to the security of this protocol. |
|
http://www.tml.tkk.fi/Opinnot/Tik-110.501/1995/zeroknowledge.html
(6357 words)
|
|
| |
| | Verifying Cryptographic Protocols for Electronic Commerce |
| | The aim of this work is to develop methods for verifying protocol correctness that will aid protocol designers at the beginning of the design process, rather than later, after the protocol is already in use. | | | The tool should be usable by protocol designers, not mathematicians. | | | The back end uses a version of belief logic whose libraries have been inspected on the source code level by members of the theorem-proving community. |
|
http://www.usenix.org/publications/library/proceedings/ec96/summaries/node9.html
(305 words)
|
|
| |
| | TCS - Research - Publications - Analysis of Cryptographic Protocols via Symbolic State Space Enumeration |
| | Cryptographic protocols are an important building block of information security solutions. | | | Most of the complexity of the symbolic method in this thesis stems from the need to be able to handle infinite sets of algebraic terms and their interactions under a rewrite system. | | | In this thesis, a new formal analysis method for security protocols is presented. |
|
http://www.tcs.hut.fi/Publications/info/ahuima.Huima99.shtml
(412 words)
|
|
| |
| | Christian Cachin --- Research |
| | Many protocols for this task are known for environments with random or ``benign'' faults, but we are the first to address an adversarial, fully asynchronous network, such as the Internet [4]. | | | In my thesis work I addressed cryptographic protocols with information-theoretic security [5], [6], [7]; a particularly attractive model is the one of [2], [5], in which only the storage space of an adversary is bounded, but not its computational power. | | | We have developed [3] the first efficient protocols for this task, including a practical cryptographic solution for the classical problem of Byzantine agreement [5]. |
|
http://www.zurich.ibm.com/~cca/research.html
(887 words)
|
|
| |
| | UCT CS Research Document Archive - Attack Analysis of Cryptographic Protocols Using Strand Spaces |
| | We give a brief overview of the concepts associated with the project, including a summary of existing security protocol analysis techniques, and a description of the strand space model, which is the intended formalism for the analysis. | | | In fact, it is recognised that the engineering of security protocols is a challenging task, since protocols that appear secure can contain subtle flaws that attackers can exploit. | | | However, the fact that strong cryptographic algorithms exist does not guarantee the security of a communications system. |
|
http://pubs.cs.uct.ac.za/archive/00000120
(258 words)
|
|
| |
| | A Calculus for Cryptographic Protocols |
| | This course takes a programming language approach to solving problems in the analysis of cryptographic protocols. | | | Prerequisites: some exposure to the formal semantics of programming languages. | | | As well as reviewing established work on spi, the course covers ongoing work on type-checking protocols, and highlights opportunities for further research. |
|
http://research.microsoft.com/~adg/Teaching/spi-course.html
(182 words)
|
|
| |
| | Modelling and Analyzing Cryptographic Protocols Using Petri Nets. |
| | Abstract: In this paper, we present a Petri net based methodology for the formal modelling and analysis of cryptographic protocols. | | | We demonstrate the value of this methodology by applying it to a number of published protocols. | | | Modelling and Analyzing Cryptographic Protocols Using Petri Nets. |
|
http://www.informatik.uni-hamburg.de/TGI/pnbib/n/nieh_b_b1.html
(189 words)
|
|
| |
| | Formal Verification of Cryptographic Protocols |
| | The purpose of this project is to bring together researchers from several different institutions to work together and share their results on the foundations of computer security and related areas. | | | To develop and evaluate formal methods for the verification of cryptographic protocols. | | | This page is part of the web at the Center for High Assurance Computer Systems. |
|
http://chacs.nrl.navy.mil/projects/crypto.html
(380 words)
|
|
| |
| | Cryptography and Cryptographic Protocols |
| | We survey the paradigms, approaches and techniques used to conceptualize, define and provide solutions to natural cryptographic problems. | | | The survey was originally intended for researchers in distributed computing, and assumes no prior familiarity with cryptography. | | | We start by presenting some of the central tools (e.g., computational difficulty, pseudorandomness, and zero-knowledge proofs), and next turn to the treatment of encryption and signature schemes. |
|
http://www.wisdom.weizmann.ac.il/~odedg/foc-sur01.html
(146 words)
|
|
| |
| | Formal Automatic Verification of Authentication Cryptographic Protocols |
| | In addition to the classical known intruder computational abilities such as encryption and decryption, we also consider those computations that result from different instrumentations of the protocol. | | | We present a new verification algorithm that generates from the protocol description the set of possible flaws, if any, as well as the corresponding attack scenarios. | | | We address the formal analysis of authentication cryptographic protocols. |
|
http://csdl2.computer.org/persagen/DLAbsToc.jsp?resourcePath=/dl/proceedings/&toc=comp/proceedings/icfem/1997/8002/00/8002toc.xml&DOI=10.1109/ICFEM.1997.630399
(342 words)
|
|
| |
| | Analysis of cryptographic protocols |
| | (All tested protocols have been analyzed in less than 1 s.) With Andreas Podelski, I have shown that the considered resolution algorithm terminates on a large class of protocols (the so-called "tagged" protocols, FoSSaCS'03 and TCS). | | | An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. | | | In F. Honsell and M. Miculan, editors, Foundations of Software Science and Computation Structures (FoSSaCS 2001), volume 2030 of Lecture Notes on Computer Science, pages 25-41, Genova, Italy, April 2001. |
|
http://www.di.ens.fr/~blanchet/crypto-eng.html
(791 words)
|
|
| |
| | SECURYPTO: France-Quebec research network on cryptographic protocols. |
| | New user interface for CASRUL/AVISPA (LORIA's analysis language-tool for cryptographic protocols) with the output of message sequence charts describing possible attack scenarios. | | | Chevalier, Y., A Simple Constraint Combination Procedure for Cryptographic Protocols with Xor, 18th Int. | | | 7/2003: Gaétan Hains visited CRAC for one week to collaborate on the protocol analyser, on symbolic bisimulation and on the SOCLE project. |
|
http://www.univ-orleans.fr/lifo/Members/ghains/securypto
(803 words)
|
|
| |
| | Cryptographic Voting Protocols |
| | Self-adjudicating protocols are usually based on multiparty computation. | | | These works are all quite valuable, but add unnecessary complexity. | | | Their protocol was the first practical method to theoretically fulfill these requirements. |
|
http://www.cs.virginia.edu/~pev5b/writing/academic/thesis/node9.html
(747 words)
|
|
| |
| | MITRE - Our Work - Technical Papers - 2004 Technical Papers - Programming Cryptographic Protocols |
| | This semantics also motivates a compilation strategy, yielding protocol implementations faithful to their verified behavior. | | | The language provides a minimal expressiveness useful for defining new protocols. | | | A programming language for cryptographic protocols eases design and implementation of application-specific protocols for tasks such as electronic commerce and distributed access control. |
|
http://www.mitre.org/work/tech_papers/tech_papers_04/04_0836
(161 words)
|
|
| |
| | DIMACS Workshop on Cryptographic Protocols in Complex Environments |
| | Designing secure protocols for complex and unpredictable multi-user environments like the Internet is a non-trivial task. | | | DIMACS Workshop on Cryptographic Protocols in Complex Environments | | | Challenges range from developing appropriate notions of security, to the design and analysis of efficient multi-party cryptographic protocols that satisfy these notions, to the secure implementation of these protocols. |
|
http://dimacs.rutgers.edu/Workshops/Environments/announcement.html
(131 words)
|
|
| |
| | Cryptographic protocol - Wikipedia, the free encyclopedia |
| | Cryptographic protocols can sometimes be verified formally on an abstract level. | | | A security protocol (or cryptographic protocol) is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods. | | | There are other types of cryptographic protocols as well, and even the term itself has various different readings; Cryptographic application protocols often use one or more underlying key agreement methods, which are also sometimes themselves referred to as "cryptographic protocols". |
|
http://en.wikipedia.org/wiki/Cryptographic_protocol
(206 words)
|
|
| |
| | CSci 4509 Cryptographic Protocols, UMM |
| | Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition by Bruce Schneier (required). | | | On this page you will find information about: | | | This book details a lot of real-life protocols. |
|
http://cda.morris.umn.edu/~elenam/4509_spring05
(460 words)
|
|
| |
| | Avi Rubin's Vita |
| | David P. Kormann and Aviel D. Rubin, Risks of the Passport Single Signon Protocol, Computer Networks, (July, 2000). | | | Aviel D. Rubin, Lead article: Kerberos Versus the Leighton and Micali Protocol, Dr. | | | University of Michigan, 5th Annual Industrial Partners of Computer Science and Engineering (IPoCSE) Review, A Formal Method for Specifying and Analyzing Nonmonotonic Cryptographic Protocols (March 18, 1994). |
|
http://avirubin.com/vita.html
(4292 words)
|
|
| |
| | Csur - C cryptographic protocols analyzer |
| | cryptographic protocols analysis using a new hybrid abstract semantics | | | Results of the analysis can be directly viewed in the source code using |
|
http://www.lsv.ens-cachan.fr/csur/tools.php
(311 words)
|
|
| |
| | CIS: Anonymity in Cryptographic Protocols |
| | Our goal is to develop mathematical techniques that enable anonymity in cryptographic systems without compromising the security. | | | Cryptography and Information Security Group Research Project: Anonymity in Cryptographic Protocols | | | If the systems are not carefully designed, the overall security of the system could be compromised. |
|
http://theory.lcs.mit.edu/~cis/cis-anonymity.html
(448 words)
|
|
| |
| | Verification of Cryptographic Protocols |
| | The study of cryptography and of cryptographic protocols has received considerable attention in recent years, notably because of the growth of electronic commerce where issues like secrecy and authenticity are crucial. | | | Even if the cryptographic primitives are assumed to be secure, most cryptographic protocols turn out to have errors which escape the attention of their designers. | | | In this course we will look at some cryptographic protocols, and methods for modeling and verifying them. |
|
http://www2.informatik.tu-muenchen.de/lehre/WS03/verification.html
(135 words)
|
|
| |
| | Simple Proofs of Cryptographic Protocols |
| | Cryptographic protocols for authentication and related tasks are notoriously tricky; errors have been found in many published protocols, sometimes years after their publication. | | | Because specialized modal logics like BAN fail to catch many of these errors, there has been a surge of interest in formal verification in more realistic operational models. | | | We describe some simple proof rules that suffice for proving a wide variety of these protocols. |
|
http://www.cs.ucsb.edu/research/colloquia/abstracts/cohen98.shtml
(85 words)
|
|
| |
| | A Bisimulation Method for Cryptographic Protocols |
| | The definition includes a simple and precise model of the knowledge of the environment with which a protocol interacts. | | | We introduce a definition of bisimulation for cryptographic protocols. | | | Bisimulation is the basis of an effective proof technique, which yields proofs of classical security properties of protocols and also justifies certain protocol optimisations. |
|
http://research.microsoft.com/Pubs/view.aspx?pubid=162
(103 words)
|
|
| |
| | CRYPTOGRAPHIC PROTOCOLS |
| | The last two decades have seen a tremendous development of cryptographic protocols allowing mutually distrusting parties to evaluate a common function while leaking as little information as possible about their inputs. | | | In this course we will study such protocols with an emphasis on ones that achieve a social goal. | | | In particular we will concentrate of protocols for voting, protecting ownership and preserving privacy. |
|
http://www.wisdom.weizmann.ac.il/courses/crypt-prot-02.html
(63 words)
|
|
| |
| | Cryptographic protocols ScotLUG |
| | This idea can be extended to form an Oblivious Transfer protocol which is useful for electronic voting. | | | This can be extended with further cryptographic protocols. | | | Bob cannot cheat because all he can work out is that x is one of two numbers. |
|
http://www.scotlug.org.uk/node/view/24
(374 words)
|
|
| |
| | Course COM SCI 282B: Cryptographic Protocols |
| | This sequel will consider advanced cryptographic protocol design and analysis. | | | The course will also be cross-listed as a mathematics course (MATH 208C). | | | May be repeated for credit with topic change. |
|
http://www.cs.ucla.edu/~rafail/TEACHING/SPRING-2004
(82 words)
|
|
| |
| | Title Page |
| | There will be coverage of a few related topics such as encryption/decryption algorithms and a few historical references, but for the most part, the intent here is to be a reference on cryptographic protocols. | | | This is an online encyclopedia of cryptographic protocols. | | | Although my intent is to be as exhaustive as possible, the literature is increasingly broad and deep; the coverage I give it here will probably never be truly exhaustive. |
|
http://www.disappearing-inc.com/intro/splash.html
(71 words)
|
|
| |
| | BRICS Mini-Course: Cryptographic Protocols and Formal Methods |
| | These talks give an overview of recent advances of linking cryptography and formal methods. | | | Particular emphasis will be on the cryptographic justification of a Dolev-Yao model under active attacks and for arbitrary protocol environment. | | | Formal methods, on the other hand, have well-defined protocol languages and provide tool support for proofs, such as model checking or theorem proving. |
|
http://www.brics.dk/BRICS/MC/04/CryptographicProtocols
(214 words)
|
|
| |
| | Program for FICS workshop on Cryptographic Protocols, |
| | Program for FICS workshop on Cryptographic Protocols, August 2003, at Computer Science Department of | | | FICS: Foundations in Cryptography and Security, supported by the Danish Natural Sciences Research Council |
|
http://fics.mat.dtu.dk/ws.html
(109 words)
|
|
| |
| | Cambridge University Press - Computer Science |
| | Cryptography is concerned with the conceptualization, definition and construction of computing systems that address security concerns. | | | The design of cryptographic systems must be based on firm foundations. | | | It is suitable for use in a graduate course on cryptography and as a reference book for experts. |
|
http://www.cambridge.org/us/computerscience
(303 words)
|
|
| |
| | Verifying Security Protocols Using Isabelle |
| | Relations between secrets: two formal analyses of the Yahalom protocol. | | | The proof scripts, other than those for SET, are distributed with Isabelle. | | | DIMACS Workshop on Design and Formal Verification of Security Protocols, 1997. |
|
http://www.cl.cam.ac.uk/users/lcp/papers/protocols.html
(276 words)
|
|
| |
| | Claude Crépeau - Cryptographic protocols |
| | Efficient reductions among oblivious transfer protocols based on new self-intersecting codes. | | | In Advances in Cryptology: Proceedings of Crypto '86, volume 263 of Lecture Notes in Computer Science, pages 239-247. | | | In Advances in Cryptology: Proceedings of Crypto '91, volume 576 of Lecture Notes in Computer Science, pages 351-366. |
|
http://www.cs.mcgill.ca/~crepeau/protocols.html
(529 words)
|
|
| |
| | Category:Cryptographic protocols - Wikipedia, the free encyclopedia |
| | Cryptographic protocols are communication protocols which are designed to provide security assurances of various kinds, using cryptographic mechanisms. | | | The term "protocol" is used in a wide sense, to include off-line arrangements such as encryption of e-mail messages. | | | Classic assurances include confidentiality, message integrity, and more recent research includes anonymity assurances. |
|
http://en.wikipedia.org/wiki/Category:Cryptographic_protocols
(86 words)
|
|
| |
| | CS 693 A -- Cryptographic Protocols |
| | Student Presentations: Cryptographic Protocol Analysis II Professor Wright | | | Topics include: signature and authentication protocols, privacy, digital rights management, security protocols for wired, wireless and distributed networks, firewalls, virtual private networks (VPNs), electronic voting, electronic payment protocols, visual cryptogrpahy techniques, active and passive attacks. | | | This course describes various security protocols, different attacks and defenses against them. |
|
http://www.cs.stevens.edu/~swetzel/CS693/spring05/cs693.html
(607 words)
|
|
| |
| | Alice and Bob - Definition of Alice and Bob - Alice and Bob in Encyclopedia - DictionaryWords.net |
| | The archetypal individuals used as examples in : discussions of cryptographic protocols. | | | These names for roles are either already standard or, given the wide popularity of the book, may be expected to quickly become so. | | | So now we say "Alice communicates with someone claiming to be Bob, and to be sure, Alice tests that Bob knows a secret number K. Alice sends to Bob a random number X. Bob then forms Y by encrypting X under key K and sends Y back to Alice". |
|
http://www.dictionarywords.net/find/word/Alice%20and%20Bob/jargon
(188 words)
|
|
| |
| | Cryptographic Protocols |
| | Details matter -- this is not a job for amateurs. | | | To set up a cryptographic session, several messages are exchanged, using a variety of cryptographic primitives. |
|
http://www.cs.columbia.edu/~smb/talks/seton-hall/sld026.htm
(26 words)
|
|
| |
| | Documento sin título |
| | David Chaum cryptographer: digicash, blind signatures, DC nets | | | Piete Brooks brute-SSL, PGP keyserver Cambridge univ, UK Ian Brown Enigma, cryptix |
|
http://isg.upc.es/links.html
(123 words)
|
|
|
