Secrets are the basis of most protocol security, enabling authentication and secrecy over untrusted channels even in the presence of active adversaries. The compromise and misuse of secrets can therefore undermine the properties that people and systems rely on for their security. In this thesis, we develop foundations and constructions for security protocols that can automatically detect, without false positives, if a secret such as a key or password has been misused. These constructions allow protocol participants to automatically trigger an appropriate response and minimize the effects of compromise. Our threat model includes malicious agents, (temporarily or permanently) compromised agents, and clones. Unlike existing approaches to dete...
Perfect Forward Secrecy (PFS) is vital in contemporary authenticated key exchange (AKE) protocols. T...
Security protocols are communication protocols that are used when agents communicate sensitive infor...
Security protocols are notoriously difficult to debug. One approach to the automatic verification of...
Secrets are the basis of most protocol security, enabling authentication and secrecy over untrusted ...
We develop foundations and several constructions for security protocols that can automatically detec...
We develop foundations and several constructions for security protocols that can automatically detec...
As distributed computing becomes increasingly prevalent, driving a demand for security and privacy i...
Encryption is useful only if the decryption key has not been exposed to adversaries; in particular, ...
The standard definition of security for digital signatures—existential unforgeability—does not ensur...
Digital communication is secured by applying cryptographic functions, most notably encryption using ...
Security protocols are widely used to ensure secure communications over insecure networks, such as t...
As more resources are added to computer networks, and as more vendors look to the World Wide Web as ...
Security protocols specify the communication required to achieve security objectives, e.g., data-pri...
Recent technologies have cleared the way for large scale application of electronic communication. Th...
Many modern security protocols such as TLS, WPA2, WireGuard, and Signal use a cryptographic primitiv...
Perfect Forward Secrecy (PFS) is vital in contemporary authenticated key exchange (AKE) protocols. T...
Security protocols are communication protocols that are used when agents communicate sensitive infor...
Security protocols are notoriously difficult to debug. One approach to the automatic verification of...
Secrets are the basis of most protocol security, enabling authentication and secrecy over untrusted ...
We develop foundations and several constructions for security protocols that can automatically detec...
We develop foundations and several constructions for security protocols that can automatically detec...
As distributed computing becomes increasingly prevalent, driving a demand for security and privacy i...
Encryption is useful only if the decryption key has not been exposed to adversaries; in particular, ...
The standard definition of security for digital signatures—existential unforgeability—does not ensur...
Digital communication is secured by applying cryptographic functions, most notably encryption using ...
Security protocols are widely used to ensure secure communications over insecure networks, such as t...
As more resources are added to computer networks, and as more vendors look to the World Wide Web as ...
Security protocols specify the communication required to achieve security objectives, e.g., data-pri...
Recent technologies have cleared the way for large scale application of electronic communication. Th...
Many modern security protocols such as TLS, WPA2, WireGuard, and Signal use a cryptographic primitiv...
Perfect Forward Secrecy (PFS) is vital in contemporary authenticated key exchange (AKE) protocols. T...
Security protocols are communication protocols that are used when agents communicate sensitive infor...
Security protocols are notoriously difficult to debug. One approach to the automatic verification of...