Related papers: Authentication by Witness Functions
In this paper, we present a new formal method to analyze cryptographic protocols statically for the property of secrecy. It consists in inspecting the level of security of every component in the protocol and making sure that it does not…
In this paper, we present a new semi-decidable procedure to analyze cryptographic protocols for secrecy based on a new class of functions that we call: the Witness-Functions. A Witness-Function is a reliable function that guarantees the…
In this paper, we use the witness-functions to analyze cryptographic protocols for secrecy under nonempty equational theories. The witness-functions are safe metrics used to compute security. An analysis with a witness-function consists in…
Proving that a cryptographic protocol is correct for secrecy is a hard task. One of the strongest strategies to reach this goal is to show that it is increasing, which means that the security level of every single atomic message exchanged…
In this paper, we enunciate the theorem of secrecy in tagged protocols using the theory of witness-functions and we run a formal analysis on a new tagged version of the Needham-Schroeder public-key protocol using this theorem. We discuss…
In this paper, we show how practical the little theorem of witness functions is in detecting security flaws in some category of cryptographic protocols. We convey a formal analysis of the Needham-Schroeder symmetric-key protocol in the…
Software verification witnesses are a common exchange format for software verification tools. They were developed to provide arguments supporting the verification result, allowing other tools to reproduce the verification results.…
Online services commonly attempt to verify the legitimacy of users with CAPTCHAs. However, CAPTCHAs are annoying for users, often difficult for users to solve, and can be defeated using cheap labor or, increasingly, with improved…
In recent times, many protocols have been proposed to provide security for various information and communication systems. Such protocols must be tested for their functional correctness before they are used in practice. Application of formal…
We present a new technique for verifying correspondences in security protocols. In particular, correspondences can be used to formalize authentication. Our technique is fully automatic, it can handle an unbounded number of sessions of the…
Authentication and authorization are two tightly coupled and interrelated concepts which are used to keep transactions secure and help in protecting confidential information. This paper proposes to evaluate the current techniques used for…
Trust in publicly verifiable Certificate Transparency (CT) logs is reduced through cryptography, gossip, auditing, and monitoring. The role of a monitor is to observe each and every log entry, looking for suspicious certificates that…
Signcryption is a cryptographic primitive which performs encryption and signature in a single logical step. In conventional signcryption only receiver of the signcrypted text can verify the authenticity of the origin i.e. signature of the…
Web servers service client requests, some of which might cause the web server to perform security-sensitive operations (e.g. money transfer, voting). An attacker may thus forge or maliciously manipulate such requests by compromising a web…
In the paper we introduce a process model of security protocols, where processes are graphs with edges labelled by actions, and present a new method of specification and verification of security protocols based on this model.
Cryptographic protocols aim at securing communications over insecure networks such as the Internet, where dishonest users may listen to communications and interfere with them. A secure communication has a different meaning depending on the…
In this paper, we provide an overview of fingerprint sensing methods used for authentication. We analyze the current fingerprint sensing technologies, from algorithmic, as well as from hardware perspectives. We then focus on methods to…
Transparency protocols are protocols whose actions can be publicly monitored by observers (such observers may include regulators, rights advocacy groups, or the general public). The observed actions are typically usages of private keys such…
We analyze the recently introduced notion of quantumness witness and compare it to that of entanglement witness. We show that any entanglement witness is also a quantumness witness. We then consider some physically relevant examples and…
Security protocols are essential building blocks of modern IT systems. Subtle flaws in their design or implementation may compromise the security of entire systems. It is, thus, important to prove the absence of such flaws through formal…