%1 @misc{AndersonNeedham95, author = "R. Anderson and R. Needham", title = "Programming Satan's Computer", text = "RJ Anderson, RM Needham, Programming Satan's Computer, in Computer Science Today, Springer LNCS v 1000 pp 426--441", url = "citeseer.nj.nec.com/22376.html", year = 1995, } @Article{Andrew, author = {M. Satyanarayanan}, title = {Integrating security in a large distributed system}, journal = {ACM Transactions on Computer Systems}, year = 1989, volume = 7, number = 3, pages = {247--280} } %2 @Article{AnsonMitchell90, author = {Colin l'Anson and Chris Mitchell}, title = {Security Defects in the CCITT Recomendation X.509 - The Directory Authentication Framework}, journal = {Computer Communication Review}, year = 1990, volume = 20, number = 2, pages = {30-34}, month = {april} } %3 @Article{AzizDiffie94, author = {A. Aziz and W. Diffie}, title = {Privacy and Authentication in Wireless Local Area Networks}, journal = {IEEE Personal Communications}, year = 1994, volume = 1, pages = {25--31} } %5 @Article{BellerChangYacobi93, author = {M. Beller and L. Chang and Y. Yacobi}, title = {Privacy and authentication on a portable communications system}, journal = {IEEE J. Selected Areas in Communications}, year = 1993, volume = 11, number = 6, pages = {821--829} } %6 @Article{BellerYacobi93, author = {M. Beller and Y. Yacobi}, title = {Fully-fledged two-way public key authentication and key agreement for low cost terminals}, journal = {Electronic Letters}, year = 1993, volume = 30, pages = {999--1001} } %7 @Article{BellovinMerritt-kerberos, author = {Steven M. Bellovin, Michael Merritt}, title = {Limitations of the Kerberos Authentication System}, journal = {Computer Communication Review}, year = 1990, volume = 20, number = 5, pages = {119--132}, month = {october} } %8 @InProceedings{BoydMathuria98, author = {C. Boyd and A. Mathuria}, title = {Key Establishment Protocols for Secure Mobile Communications: A Selective Survey}, booktitle = {Information Security and Privacy}, pages = {344-355}, year = 1998, volume = 1438, series = {LNCS}, publisher = {Springer-Verlag} } %9 @techreport{Bradner2002, title = "A Framework for Purpose Built Keys {(PBK)}", author = "Scott Bradner and Allison Mankin and Jeffrey I. Schiller", type = "Internet Draft", month = "November", year = 2002} %10 @InProceedings{BrickellOdlyzko88, author = {E. F. Brickell and A. M. Odlyzko}, title = {Cryptanalysis : A Survey of Recent Results}, booktitle = {Proceedings of the IEEE}, year = 1988, volume = 76, month = {may} } %11 @TechReport{BurrowsAbadiNeedham89, author = {Michael Burrows and Martin Abadi and Roger Needham}, title = {A logic of Authentication}, institution = {Digital Systems Research Center}, year = 1989, number = 39, month = {february} } %12 @Misc{CCITT_X.509, author = {CCITT}, title = {The directory authentification Framework}, howpublished = {Draft Recommendation X.509}, year = 1987, note = {Version 7} } @Article{Carlsen94, author = {U. Carlsen}, title = {Optimal privacy and authentication on a portable communications system}, journal = {Operating Systems Review}, year = 1994, volume = 28, number = 3, pages = {16--23}, month = {July} } @InProceedings{Chadha2001, author = {R. Chadha and M.I. Kanovich and A. Scedrov}, title = {Inductive methods and contract-signing protocols}, booktitle = {8-th ACM Conference on Computer and Communications Security}, year = {2001}, editor = {P. Samarati}, publisher = {ACM Press}, month = nov, adress = {Philadelphia, USA}, pages = {176--185}, } @Article{ClarkJacob95, author = {John A Clark and Jeremy L Jacob}, title = {On the Security of Recent Protocols}, journal = {Information processing Letters}, year = 1995, volume = 56, pages = {151--155} } %13 @Misc{ClarkJacob97, author = {John Clark and Jeremy Jacob}, title = {A Survey of Authentication Protocol Literature}, month = {November}, year = 1997, url = {http://www-users.cs.york.ac.uk/~jac/papers/drareview.ps.gz} } %14 @Unpublished{ClarkJacob_WooLam, author = {John Clark and Jeremy Jacob}, title = {Freshness is Not Enough : Note on Trusted Nonce Generation and Malicious Principals}, note = {attack on a mutual authentification protocol by Woo and Lam} } %15 @Article{DenningSacco81, author = {D. Denning and G. Sacco}, title = {Timestamps in Key Distributed Protocols}, journal = {Communication of the ACM}, year = 1981, volume = 24, number = 8, pages = {533--535} } %16 @Article{DiffieHelman76, author = {W. Diffie and M. Helman}, title = {New Directions in Cryptography}, journal = {IEEE Transactions on Information Society}, year = 1976, volume = 22, number = 6, pages = {644--654}, month = {november} } %19 @InProceedings{GJM99, author = {J. A. Garay and M. Jakobsson and P. MacKenzie}, title = {Abuse-Free Optimistic Contract Signing}, booktitle = "Advances in Cryptology: Proceedings of Crypto'99", volume = {1666}, publisher = {Springer-Verlag}, year = {1999}, series = {Lecture Notes in Computer Science}, pages = {449--466}, } @Article{Gong89, author = {Li Gong}, title = {Using One-Way Functions for Authentication}, journal = {Computer Communication Review}, year = 1989, volume = 19, number = 5, pages = {8--11}, month = {october}, url = "citeseer.nj.nec.com/gong89using.html" } %18 @TechReport{Goubault01_eva, author = {Jean Goubault-Larrecq}, title = {Langage de sp\'{e}cification de protocoles cryptographiques de EVA: syntaxe abstraite et s\'{e}mantique}, institution = {EVA}, year = {2001}, OPTkey = {}, OPTtype = {}, OPTnumber = {2}, OPTaddress = {}, OPTmonth = {}, OPTnote = {}, OPTannote = {} } %17 @Article{HornPreneel, author = {G{\"u}nther Horn and Bart Preneel}, title = {Authentification and payment in future mobile systems}, journal = {Journal of Computer Security}, year = 2000, volume = 8, pages = {183--207} } %4 @book{Huitema98, title = "{IPv6} The New Internet Protocol", author = "Christian Huitema", publisher = "Prentice Hall PTR", year = 1998} %20 @Article{HwangChen_SPLICEAS, author = {Tzonelih Hwang and Yung-Hsiang Chen}, title = {On the security of SPLICE/AS : The authentication system in WIDE Internet}, journal = {Information Processing Letters}, year = 1995, volume = 53, pages = {97-101} } @Article{HwangLeeLiKoChen_NeumannStubblebine, author = {Tzonelih Hwang and Narn-Yoh Lee and Chuang-Ming Li and Ming-Yung Ko and Yung-Hsiang Chen}, title = {Two Attacks on Neumann-Stubblebine Authentication Protocols}, journal = {Information Processing Letters}, year = 1995, volume = 53, pages = {103 - 107} } @Article{KaoChow95, author = {I Lung Kao and Randy Chow}, title = {An Efficient and Secure Authentication Protocol Using Uncertified Keys}, journal = {Operating Systems Review}, year = 1995, volume = 29, number = 3, pages = {14-21} } @inproceedings{Kehne92, author = "Axel Kehne and J{\"u}rgen Sch{\"o}nw{\"a}lder and Horst Langend{\"o}rfer", title = "Multiple Authentications with a Nonce-Based Protocol Using Generalized Timestamps", booktitle = "Proc.\ {ICCC}~'92", address = "Genua", year = 1992, url = "citeseer.nj.nec.com/36793.html" } @inproceedings{Krawczyk_SKEME, author = "Hugo Krawczyk", title = "{SKEME}: {A} Versatile Secure Key Exchange Mechanism for the {I}nternet", booktitle = {Proceedings of the Internet Society Symposium on Network and Distributed System Security}, pages = "114--127", year = 1996, month = {feb}, url = "citeseer.nj.nec.com/krawczyk96skeme.html" } @InProceedings{KremerRaskin2002, author = {Steve Kremer and Jean-Fran\c{c}ois Raskin}, title = {Game Analysis of Abuse-free Contract Signing}, booktitle = {15th Computer Security Foundations Workshop}, pages = {206--220}, year = {2002}, editor = {Steve Schneider}, address = {Cape Breton, Nova Scotia, Canada}, month = jun, publisher = {{IEEE} Computer Society}, } @Article{Lamport-password, author = {L. Lamport}, title = {Password authentication with insecure communication}, journal = {Communications of the ACM}, year = 1981, volume = 24, pages = {770--772}, month = {November} } @Article{Lowe74ipl, author = "Gavin Lowe", title = "An Attack on the {N}eedham-{S}chroeder Public Key Authentication Protocol", journal = ipl, volume = 56, number = 3, pages = "131--136", month = nov, year = 1995, } @Article{Lowe95_NSPK, author = {Gavin Lowe}, title = {An Attack on the Needham-Schroeder Public Key Authentication Protocol}, journal = {Information Processing Letters}, year = 1995, volume = 56, number = 3, pages = {131-136}, month = {november} } @InProceedings{Lowe96, author = {Gavin Lowe}, title = {Some New Attacks upon Security Protocols}, booktitle = {In Proceedings of the Computer Security Foundations Workshop VIII}, year = 1996, editor = {IEEE Computer Society Press} } @TechReport{Lowe97, author = {Gavin Lowe}, title = {A Family of Attacks upon Authentication Protocols}, institution = {Department of Mathematics and Computer Science, University of Leicester}, year = 1997, number = {1997/5} } @article{Lowe97TMN, author = "G. Lowe and A. W. Roscoe", title = "Using {CSP} to Detect Errors in the {TMN} Protocol", journal = "Software Engineering", volume = "23", number = "10", pages = "659-669", year = "1997", url = "citeseer.nj.nec.com/lowe97using.html" } @TechReport{Lowe98, author = {Gavin Lowe}, title = {Towards a completeness result for model checking of security protocols}, institution = {Dept. of Mathematics and Computer Science, University of Leicester}, year = 1998, number = {1998/6} } @TechReport{Lowe_SPLICEAS, author = {Gavin Lowe}, title = {SPLICE/AS: A case study in using CSP to detect errors in security protocols}, institution = {Oxford University Computing Laboratory}, year = 1996 } @InProceedings{Meadows95, author = {C. Meadows}, title = {Formal verification of cryptographic protocols: A survey}, booktitle = {Advances in Cryptology - Asiacrypt 94}, pages = {133--150}, year = 1995, volume = 917, series = {LNCS}, publisher = {Springer-Verlag} } @inproceedings{Montenegro2002, title = "{Statistically Unique and Cryptographically Verifiable (SUCV)} identifiers and addresses", author = "G. Montenegro and C. Castelluccia", booktitle = "Network and Distributed Systems Security Symposium", publisher = "Internet Society", month = "February", year = 2002} @Article{NeedhamSchroeder78, author = {Roger Needham and Michael Schroeder}, title = {Using Encryption for Authentication in Large Networks of Computers}, journal = {Communications of the ACM}, year = 1978, volume = 21, number = 12, month = {december} } @Article{NeedhamSchroeder78cacm, author = "Roger Needham and Michael Schroeder", title = "Using Encryption for Authentification in Large Networks of Computers", journal = cacm, volume = 21, number = 12, month = dec, year = 1978, } @Article{NeedhamSchroeder87, author = {R. Needham and M. Schroeder}, title = {Authentication revisited}, journal = {Operating Systems Review}, year = 1987, volume = 21, number = 7, month = {January} } @Article{NeedhamSchroederSK78, author = {R. Needham and M. Schroeder}, title = {Using Encryption for Authentication in Large Networks of Computers}, journal = {Communications of the ACM}, year = 1978, volume = 21, number = 12, month = {December} } @Article{NeumannStublebine, author = {B. Clifford Neumann and Stuart G. Stubblebine}, title = {A Note on the Use of Timestamps as Nonces}, journal = {Operating Systems Review}, year = 1993, volume = 27, number = 2, pages = {10-14}, month = {april} } @string{lncs={Lecture Notes in Computer Science}} @inproceedings{Nikander2001, title = "Denial-of-service, Address Ownership, and Early Authentication in the {IPv6} World", author = "Pekka Nikander", booktitle = "Security Protocols", series = "Lecture Notes in Computer Science", number = 2467, editor = "B. Christianson and B. Crispo and J. A. Malcolm and M. Roe", publisher = "Springer", year = 2001} @inproceedings{Nikander2003, title = "Integrating Security, Mobility and Multi-Homing in a {HIP} Way", author = "Pekka Nikander and Yukka Ylitalo and Jorma Wall", booktitle = "Network and Distributed Systems Security Symposium", year = 2003} @article{OShea2001, title = "{Child-proof authentication for MIPv6 (CAM)}", author = "Greg O'Shea and Michael Roe", journal = "Computer Communications Review", month = "April", year = "2001" } @Article{OtwayRees87, author = {D. Otway and O. Rees}, title = {Efficient and Timely Mutual Authentication}, journal = {Operating Systems Review}, year = 1987, volume = 21, number = 1, pages = {8--10} } @Article{Paulson_yahalom, author = {Lawrence C. Paulson}, title = {Relations Between Secrets: Two Formal Analyses of the Yahalom Protocol}, journal = {J. Computer Security}, year = 2001 } @inproceedings{Roe2001, title = "Experiences of Mobile {IP} Security", author = "M. Roe", booktitle = "Security Protocols", series = "Lecture Notes in Computer Science", number = 2467, editor = "B. Christianson and B. Crispo and J. A. Malcolm and M. Roe", publisher = "Springer", year = 2001} @techreport{Roe2002, title = "Authentication of Mobile {IPv6} Binding Updates and Acknowledgments", author = "M. Roe and T. Aura and G. O'Shea and J. Arkko", type = "Internet Draft", month = "February", year = 2002} @Article{SPLICEAS, author = {Suguru Yamaguchi and Kiyohiko Okayama and Hideo Miyahara}, title = {The Design and Implementation of an Authentication System for the Wide Area Distributed Environment}, journal = {IEICE Transactions on Information and Systems}, year = 1991, volume = {E74}, number = 11, pages = {3902--3909}, month = {November} } @Article{Shmat2001, author = {Vitaly Shmatikov and John Mitchell}, title = {Finite-state Analysis of Two Contract Signing Protocols}, journal = {Special issue of Theoretical Computer Science on security}, year = {2001}, note = {Accepted for publication.} } @InProceedings{Syverson_replay, author = {Paul Syverson}, title = {A Taxonomy of Replay Attacks}, booktitle = {Proceedings of the 7th IEEE Computer Security Foundations Workshop}, pages = {131-136}, year = 1994, publisher = {IEEE Computer Society Press} } @InProceedings{TMN89, author = {M. Tatebayashi and N. Matsuzaki and D.B. Newman}, title = {Key distribution protocol for digital mobile communication systems}, booktitle = {Advance in Cryptology --- CRYPTO '89}, pages = {324--333}, year = 1989, volume = 435, series = {LNCS}, publisher = {Springer-Verlag} } @Misc{VISA-OP, key = {VOP}, title = {Open Platform Card Specification}, month = {june}, year = 2001, note = {Version 2.1} } @InProceedings{Weidenbach_cade99, author = {Christoph Weidenbach}, title = {Towards an Automatic Analysis of Security Protocols}, booktitle = {Proceedings of the 16th International Conference on Automated Deduction}, pages = {378-382}, year = 1999, editor = {Harald Ganzinger}, volume = 1632, series = {LNAI}, publisher = {Springer} } @Article{WooLam94, author = {T. Y. C. Woo and S. S. Lam}, title = {A Lesson on Authentication Protocol Design}, journal = {Operating Systems Review}, year = 1994 } @article{abadi96prudent, author = "Mart{\'\i}n Abadi and Roger Needham", title = "Prudent Engineering Practice for Cryptographic Protocols", journal = "IEEE Transactions on Software Engineering", volume = "22", number = "1", month = "January", pages = "6--15", year = "1996", url = "citeseer.nj.nec.com/abadi96prudent.html" } @InProceedings{blanchet01, author = {Bruno Blanchet}, title = {An Efficient Cryptographic Protocol Verifier Based on Prolog Rules}, booktitle = {14th IEEE Computer Security Foundations Workshop (CSFW-14)}, year = 2001, editor = {IEEE}, month = {june} } @TechReport{eva-tr1, author = {Jacquemard, Florent and Le M\'{e}tayer, Daniel}, title = {Langage de sp\'{e}cification de protocoles cryptographiques de EVA: syntaxe concr{\`e}te}, institution = {EVA}, year = {2001}, OPTkey = {}, OPTtype = {}, OPTnumber = {1}, OPTaddress = {}, OPTmonth = {}, OPTnote = {}, OPTannote = {} } @TechReport{eva-tr2, author = {Jean Goubault-Larrecq}, title = {Langage de sp\'{e}cification de protocoles cryptographiques de EVA: syntaxe abstraite et s\'{e}mantique}, institution = {EVA}, year = 2001, number = 2 } @TechReport{eva-tr3, author = {Goubault-Larrecq, Jean}, title = {Les syntaxes et la s{\'e}mantique du langage de sp\'{e}cification EVA}, institution = {EVA}, year = 2001, number = 3 } @TechReport{kerberos, author = {B. Clifford Neuman and Theodore Ts'o}, title = {Kerberos : An Authentication Service for Computer Networks}, institution = {USC/ISI}, year = 1994, number = {ISI/RS-94-399} } @Article{Simmons94cacm, author = "Gustavus J. Simmons", title = "Cryptoanalysis and Protocol Failure", journal = cacm, volume = 37, number = 11, year = 1994, month = nov, pages = "56--65", } @InProceedings{Simmons88, author = {Gustavus J. Simmons}, title = {An Impersonation-proof Identity Verification Scheme}, booktitle = {Advances in Cryptology: Proceedings of Crypto 87}, pages = {211-215}, year = 1988, volume = 293, series = {LNCS}, publisher = {Springer-Verlag} } @InProceedings{ShoupRubin96, author = {Victor Shoup and Avi Rubin}, title = {Session Key Distribution using Smart Cards}, booktitle = {In Proceedings of Advances in Cryptology, EUROCRYPT'96}, year = 1996, volume = 1070, series = {LNCS}, publisher = {Springer-Verlag} } @InProceedings{Jerdonek98, author = {Rob Jerdonek and Peter Honeyman and Kevin Coffman and Kim Rees and Kip Wheeler}, title = {Implementation of a Provably Secure, Smartcard-based Key Distribution Protocol}, booktitle = {In Proceedings of the Third Smart Card Research and Advanced Application Conference}, year = 1998 } @InProceedings{BellareRogaway95, author = {Mihir Bellare and Phillip Rogaway}, title = {Provably secure session key distribution-- the three party case}, booktitle = {Proceedings 27th Annual Symposium on the Theory of Computing}, pages = {57--66}, year = 1995, series = {ACM} } @InProceedings{Bella00, author = {Giampaolo Bella}, title = {Mechanising a Protocol for Smart Cards}, booktitle = {Proc. of e-Smart 2001, international conference on research in smart cards}, year = 2001, series = {LNCS}, month = {september}, publisher = {Springer-Verlag} } @Misc{Shoup96update, author = {Victor Shoup}, title = {A note on Session Key Distribution using Smart Cards}, howpublished = {http://www.shoup.net/papers/update.ps}, month = {july}, year = 1996 } @TechReport{SmartRight01, author = {Thomson}, title = {Smartright Technical White Paper v1.0}, institution = {Thomson}, year = 2001, month = {october}, note = {http://www.smartright.org} } @InProceedings{GenetTalpinTong03, author = {Thomas Genet and Yan-Mei Tang-Talpin and Val{\' e}rie Viet Triem Tong}, title = {Verification of Copy-Protection Cryptographic Protocol using Approximations of Term Rewriting Systems}, booktitle = {Proc. of WITS'03, Workshop on Issues in the Theory of Security}, year = 2003 } @article{RS98, author = {P. Y. A. Ryan and S. A. Schneider}, journal = {Information Processing Letters}, number = {1}, pages = {7-10}, title = {An Attack on a Recursive Authentication Protocol: {A} Cautionary Tale}, volume = {65}, year = {1998}, } @techreport{bull97, author = {J. Bull and D. J. Otway}, institution = {Defence Research Agency}, number = {DRA/CIS3/PROJ/CORBA/SC/1/CSM/436-04/03}, title = {The Authentication Protocol}, year = {1997}, } @misc{802.11, key = {802.11}, organization = {L.M.S.C of the IEEE Computer Science Society}, title = {{IEEE}~802.11 {L}ocal and {M}etropolitan {A}rea {N}etworks: {W}ireless {LAN} {M}edium {A}cess {C}ontrol ({MAC}) and {P}hysical ({PHY}) {S}pecifications}, year = {1999}, url = {http://grouper.ieee.org/groups/802/11/main.html}, } @inproceedings{Borisov01, address = {Rome (Italy)}, author = {N. Borisov and I. Goldberg and D. Wagner}, booktitle = {Proc.\ 7th Annual International Conference on Mobile Computing and Networking ({MOBICOM}'01)}, pages = {180-188}, publisher = {ACM Press}, title = {Intercepting Mobile Communications: {T}he Insecurity of~802.11}, year = {2001}, } @book{Gol01, author = {O. Goldreich}, publisher = {Cambridge University Press}, title = {Foundations of Cryptography}, year = {2001}, } @inproceedings{cj98-01-15, author = {S. Goldwasser and S. Micali and C. Rackoff}, booktitle = {Proc.\ 17th annual {ACM} Symposium on Theory of Computing}, pages = {291-304}, publisher = {ACM Press}, title = {The Knowledge Complexity of Interactive Proof-Systems}, year = {1985}, } @inproceedings{BRICS-EP-94-CDS_PPKS, author = {R. Cramer and I. Damg{\aa}rd and B. Schoenmakers}, booktitle = {Proc.\ 14th Annual International Cryptology Conference ({CRYPTO}'94)}, pages = {174-187}, publisher = {Springer-Verlag}, series = {LNCS}, title = {Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols}, year = {1994}, address = {Santa Barbara (California, USA)}, volume = {963}, }