There are two main ways of defining secrecy of cryptographic protocols. The first version checks if the adversary can learn the value of a secret parameter. In the second version,...
Abstract. We consider two standard notions in formal security protocol analysis: message deducibility and static equivalence under equational theories. We present polynomial-time a...
We provide an effective procedure for deciding the existence of off-line guessing attacks on security protocols, for a bounded number of sessions. The procedure consists of a co...
The combination of first-order epistemic logic and formal cryptography offers a potentially very powerful framework for security protocol verification. In this article, we addre...
We consider the problem of intruder deduction in security protocol analysis: that is, deciding whether a given message M can be deduced from a set of messages under the theory of ...