In many security protocols, such as group protocols, principals have to perform iterative or recursive computations. We call such protocols recursive protocols. Recently, first results on the decidability of the security of such protocols have been obtained. While recursive protocols often employ operators with algebraic, security relevant properties, such as the exclusive OR (XOR), the existing decision procedures, however, cannot deal with such operators and their properties. In this paper, we show that the security of recursive protocols with XOR is decidable (w.r.t. a bounded number of sessions) for a class of protocols in which recursive computations of principals are modeled by certain Horn theories. Interestingly, this result can be ...
We provide a method for deciding the insecurity of cryptographic protocols in presence of the standa...
International audienceMost of the decision procedures for symbolic analysis of protocols are limited...
We identify a new decidable class of security protocols, both for reachability and equivalence prope...
Cryptographic protocols can be divided into (1) protocols where the protocol steps are simple from a...
In the Horn theory based approach for cryptographic protocol analysis, cryptographic protocols and (...
Cryptographic protocols can be divided into (1) protocols where the protocol steps are simple from a...
AbstractCryptographic protocols can be divided into (1) protocols where the protocol steps are simpl...
kiel.de Truderung’s selecting theory model is one of the few models of cryptographic protocols which...
We present decidability results for the verification of cryptographic protocols in the presence of e...
Abstract. Security protocols aim at securing communications over pub-lic networks. Their design is n...
Abstract. Many decidability results are known for non-recursive cryptographic protocols, where the p...
We use some very recent techniques from process algebra to draw interesting conclusions about the we...
International audienceSecurity protocols aim at securing communications over public networks. Their ...
We provide a method for deciding the insecurity of cryptographic protocols in presence of the standa...
This paper introduces a process calculus with recursion which allows us to express an unbounded numb...
We provide a method for deciding the insecurity of cryptographic protocols in presence of the standa...
International audienceMost of the decision procedures for symbolic analysis of protocols are limited...
We identify a new decidable class of security protocols, both for reachability and equivalence prope...
Cryptographic protocols can be divided into (1) protocols where the protocol steps are simple from a...
In the Horn theory based approach for cryptographic protocol analysis, cryptographic protocols and (...
Cryptographic protocols can be divided into (1) protocols where the protocol steps are simple from a...
AbstractCryptographic protocols can be divided into (1) protocols where the protocol steps are simpl...
kiel.de Truderung’s selecting theory model is one of the few models of cryptographic protocols which...
We present decidability results for the verification of cryptographic protocols in the presence of e...
Abstract. Security protocols aim at securing communications over pub-lic networks. Their design is n...
Abstract. Many decidability results are known for non-recursive cryptographic protocols, where the p...
We use some very recent techniques from process algebra to draw interesting conclusions about the we...
International audienceSecurity protocols aim at securing communications over public networks. Their ...
We provide a method for deciding the insecurity of cryptographic protocols in presence of the standa...
This paper introduces a process calculus with recursion which allows us to express an unbounded numb...
We provide a method for deciding the insecurity of cryptographic protocols in presence of the standa...
International audienceMost of the decision procedures for symbolic analysis of protocols are limited...
We identify a new decidable class of security protocols, both for reachability and equivalence prope...