Verifying security protocols with PVS: widening the rank function approach

Verifying Security Protocols: An ASM Approach

In this paper we present a modeling technique for security protocols using Abstract State Machines [BS03,Gur95] (ASMs). We describe how we model the different agents in the scenario, the attacker and the communication between them.

TAuth: Verifying Timed Security Protocols

Quantitative timing is often relevant to the security of systems, like web applications, cyber-physical systems, etc. Verifying timed security protocols is however challenging as both arbitrary attacking behaviors and quantitative timing may lead to undecidability. In this work, we develop a service framework to support intuitive modeling of the timed protocol, as well as automatic verification...

Compiling and Verifying Security Protocols

Verifying Parameterized Timed Security Protocols

Quantitative timing is often explicitly used in systems for better security, e.g., the credentials for automatic website logon often has limited lifetime. Verifying timing relevant security protocols in these systems is very challenging as timing adds another dimension of complexity compared with the untimed protocol verification. In our previous work, we proposed an approach to check the corre...

Verifying Second-Level Security Protocols

A second-level security protocol is defined as a security protocol that relies on an underlying security protocol in order to achieve its goals. The verification of classical authentication protocols has become routine, but second-level protocols raise new challenges. These include the formalisation of appeals to the underlying protocols, the modification of the threat model, and the formalisat...