StatVerif: Verification of stateful processes

Arapinis, Myrto; Phillips, Joshua; Ritter, Eike; Ryan, Mark

doi:10.3233/jcs-140501

Cited by 34 publications

(58 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Examples include the TESLA protocols, the security device and contract signing examples from [1], the keyserver protocol from [11], and the exclusive secrets and envelope protocol models for TPMs from [5]. In each case, our results are more general or the analysis is more efficient than previous results.…”

Section: Resultscontrasting

confidence: 50%

“…The ProVerif tool [2] has been extended to partially handle DH with inverses [8], bilinear pairings [12], and mutable global state [1]. From a user perspective, Tamarin provides a more expressive property specification language that, e. g., allows for direct specification of temporal properties.…”

Section: Related Toolsmentioning

confidence: 99%

“…It has more difficulty dealing with properties that depend on the precise state of agent sessions and mutable global state. The extension [1] for mutable global state is subject to several restrictions and the protocol models require additional manual abstraction steps. Similarly, the DH and bilinear pairing extensions work under some restrictions, e. g., exponents in the specification must be ground.…”

Section: Related Toolsmentioning

confidence: 99%

See 2 more Smart Citations

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

Meier

Schmidt

Cremers

et al. 2013

Lecture Notes in Computer Science

451

335

View full text Add to dashboard Cite

show abstract

Section: Resultscontrasting

confidence: 50%

Section: Related Toolsmentioning

confidence: 99%

Section: Related Toolsmentioning

confidence: 99%

See 1 more Smart Citation

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

Meier

Schmidt

Cremers

et al. 2013

Lecture Notes in Computer Science

451

335

View full text Add to dashboard Cite

show abstract

“…Accordingly, we believe the definition is necessary, but may not be sufficient. This limitation could be overcome by introducing a stateful variant of the applied pi calculus, indeed, Arapinis, Ritter & Ryan [ARR11] make some progress in this direction. A further limitation of our privacy definition is the restriction to settings with one issuer, indeed, this corresponds to the cryptographic game.…”

Section: Further Work and Conclusionmentioning

confidence: 99%

Formal analysis of privacy in Direct Anonymous Attestation schemes

Smyth

Ryan

Chen

2015

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

This article introduces a definition of privacy for Direct Anonymous Attestation schemes. The definition is expressed as an equivalence property which is suited to automated reasoning using Blanchet's ProVerif. The practicality of the definition is demonstrated by analysing the RSAbased Direct Anonymous Attestation protocol by Brickell, Camenisch & Chen. The analysis discovers a vulnerability in the RSA-based scheme which can be exploited by a passive adversary and, under weaker assumptions, corrupt issuers and verifiers. A security fix is identified and the revised protocol is shown to satisfy our definition of privacy.

show abstract

“…For these reasons, we wish to use StatVerif [2] for our analysis; it is an extension of ProVerif which can deal with protocols that have persistent state. Unfortunately, StatVerif does not reliably terminate when the state space is infinite, such as in the case studies we are using in this paper.…”

Section: Introductionmentioning

confidence: 99%

Dynamic Measurement and Protected Execution: Model and Analysis

Xu¹,

Batten

Ryan

2014

Trustworthy Global Computing

View full text Add to dashboard Cite

Abstract. Useful security properties arise from sealing data to specific units of code. Modern processors featuring Intel's TXT and AMD's SVM achieve this by a process of measured and protected execution. Only code which has the correct measurement can access the data, and this code runs in an environment protected from observation and interference. We present a modelling language with primitives for protected execution, along with its semantics. We characterise an attacker who has access to all the capabilities of the hardware. In order to achieve automatic analysis of systems using protected execution without attempting to search an infinite state space, we define transformations that reduce the number of times the attacker needs to use protected execution to a pre-determined bound. Given reasonable assumptions we prove the soundness of the transformation: no secrecy attacks are lost by applying it. We then describe using the StatVerif extensions to ProVerif to model the bounded invocations of protected execution. We show the analysis of realistic systems, for which we provide case studies.

show abstract

StatVerif: Verification of stateful processes

Cited by 34 publications

References 6 publications

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

The TAMARIN Prover for the Symbolic Analysis of Security Protocols

Formal analysis of privacy in Direct Anonymous Attestation schemes

Dynamic Measurement and Protected Execution: Model and Analysis

Contact Info

Product

Resources

About