Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties

Schmidt, Benedikt; Meier, Simon; Cremers, Cas; Basin, David

doi:10.1109/csf.2012.25

Cited by 177 publications

(210 citation statements)

References 28 publications

Supporting

Mentioning

210

Contrasting

Order By: Relevance

“…Key exchange protocols. We used Tamarin to analyze many authenticated key exchange protocols with respect to their intended adversary models [13]. These protocols typically include Diffie-Hellman exponentiation and are designed to satisfy complex security properties, such as the eCK model [9].…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

Meier

Schmidt

Cremers

et al. 2013

Lecture Notes in Computer Science

Self Cite

451

335

View full text Add to dashboard Cite

show abstract

Section: Resultsmentioning

confidence: 99%

“…The theory for Diffie-Hellman exponentiation and the application to DiffieHellman-based two-party key exchange protocols have been published in [13]. In the theses of Meier [10] and Schmidt [14], the approach is extended with trace induction and with support for bilinear pairings and AC operators.…”

Section: Introductionmentioning

confidence: 99%

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

Meier

Schmidt

Cremers

et al. 2013

Lecture Notes in Computer Science

Self Cite

451

335

View full text Add to dashboard Cite

show abstract

“…The tool automatically generates JavaScript specifications for the execution environment of the FutureID project [23], which may require some manual encoding. The other one [24] proposes a translation from an Alice & Bob specification into an intermediate representation verifiable with Tamarin [25]; the paper illustrates how to derive the checks but the tool does not generate concrete implementations in a programming language. Instead, our tool generates with one-click Java code that is directly runnable, thanks to the support of the integrated AnBxJ security library.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

AnBx: Automatic Generation and Verification of Security Protocols Implementations

Modesti

2016

Foundations and Practice of Security

View full text Add to dashboard Cite

The AnBx compiler is a tool for automatic generation of Java implementations of security protocols specified in a simple and abstract model that can be formally verified. In our model-driven development approach, protocols are described in AnBx , an extension of the Alice & Bob notation. Along with the synthesis of consistency checks, the tool analyses the security goals and produces annotations that allow the verification of the generated implementation with ProVerif.

show abstract

“…This model facilitates formal verification, and many automatic protocol verifiers (AVISPA [3], F7 [12], FDR [37], ProVerif [21], Scyther [28], Tamarin [45], . .…”

Section: Introductionmentioning

confidence: 99%

Symbolic and Computational Mechanized Verification of the ARINC823 Avionic Protocols

Blanchet

2017

2017 IEEE 30th Computer Security Foundations Symposium (CSF)

View full text Add to dashboard Cite

Abstract-We present the first formal analysis of two avionic protocols that aim to secure air-ground communications, the ARINC823 public-key and shared-key protocols. We verify these protocols both in the symbolic model of cryptography, using ProVerif, and in the computational model, using CryptoVerif. While we confirm many security properties of these protocols, we also find several weaknesses, attacks, and imprecisions in the standard. We propose fixes for these problems. This case study required the specification of new cryptographic primitives in CryptoVerif. It also illustrates the complementarity between symbolic and computational verification. I. INTRODUCTIONSecuring electronic communications between aircrafts and ground entities (control towers, airlines) becomes more and more important. Indeed, such electronic communications convey more and more important information and aircrafts are prominent targets for attacks, such as terrorist attacks. So, even if most air-ground communications are currently sent in the clear, the adoption of secured communications seems unavoidable.Several [34]) in order to secure these communications. In this paper, we study the ARINC823 standard [2]. This standard aims to secure ACARS (Aircraft Communications Addressing and Reporting System) messages. These messages are short text messages, which include air traffic control messages, such as clearance messages, flight plans, weather information, as well as maintenance messages, so that needed maintenance operations can be planed at the next airport.In addition to security (authentication and secrecy of the messages), other goals are apparent in the design of the standard:• Bandwidth: the available bandwidth is limited and the ACARS messages are relatively short, so the protocol is designed to minimize the additional bandwidth required for security.• Resistance to failures: the messages are conveyed even in case of failure of the security system. • Flexibility: the protocol is designed to provide different levels of security: authentication and secrecy, authentication only, and no security, on a message-per-message basis. These additional goals justify the design of specific protocols. The ARINC823 standard provides two such protocols:

show abstract

Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties

Cited by 177 publications

References 28 publications

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

AnBx: Automatic Generation and Verification of Security Protocols Implementations

Symbolic and Computational Mechanized Verification of the ARINC823 Avionic Protocols

Contact Info

Product

Resources

About