Sigrid Gürgens , René Peralta Efficient Automated Testing of Cryptographic Protocols

Validation of Cryptographic Protocols by Efficient Automated Testing

We present a method for validating cryptographic protocols. The method can find flaws which are inherent i~l the design of the protocol as well as flaws arising from the particular implementation of the protocol. The latter possibility arises from the fact that there is no universally accepted standard for describing either the cryptographic protocols themselves or their implementation. Thus, s...

Efficient Detection of Failure Modes in Electronic Commerce Protocols

The design of key distribution and authentication protocols has been shown to be error-prone. These protocols constitute the part of more complex protocols used for electronic commerce transactions. Consequently, these new protocols are likely to contain flaws that are even more difficult to find. In this paper, we present a search method for detecting potential security flaws in such protocols...

SG Logic- A Formal Analysis Technique for Authentication Protocols

Suitability of a Classical Analysis Method for E-commerce Protocols

We present the adaptation of our model for the validation of key distribution and authentication protocols to address specific needs of protocols for electronic commerce. The two models defer in both the threat scenario and in the formalization. We demonstrate the suitability of our adaptation by analyzing a specific version of the Internet Billing Server protocol introduced by Carnegie Mellon ...

Authenticity and Provability - A Formal Framework

Authentication and non-repudiation are essential security requirements for electronic commerce applications and other types of binding telecooperation. Symmetric and asymmetric encryption techniques and different types of digital signatures can be used to provide these security services. However, cryptographic algorithms can only provide isolated functionality that has to be integrated into mor...