Author image not provided
 C. J. F. Cremers
 cas.cremersatgmail.com

  Affiliation history
Bibliometrics: publication history
Average citations per article9.03
Citation Count352
Publication count39
Publication years2003-2017
Available for download9
Average downloads per article242.11
Downloads (cumulative)2,179
Downloads (12 Months)286
Downloads (6 Weeks)43
SEARCH
ROLE
Arrow RightAuthor only


AUTHOR'S COLLEAGUES
See all colleagues of this author

SUBJECT AREAS
See all subject areas




BOOKMARK & SHARE


39 results found Export Results: bibtexendnoteacmrefcsv

Result 1 – 20 of 39
Result page: 1 2

Sort by:

1 published by ACM
November 2017 ACM SIGLOG News: Volume 4 Issue 4, October 2017
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 5,   Downloads (12 Months): 7,   Downloads (Overall): 7

Full text available: PDFPDF
During the last three decades, there has been considerable research devoted to the symbolic analysis of security protocols and existing tools have had considerable success both in detecting attacks on protocols and showing their absence. Nevertheless, there is still a large discrepancy between the symbolic models that one specifies on ...

2 published by ACM
October 2017 CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
Publisher: ACM
Bibliometrics:
Citation Count: 1
Downloads (6 Weeks): 16,   Downloads (12 Months): 84,   Downloads (Overall): 84

Full text available: PDFPDF
The TLS protocol is intended to enable secure end-to-end communication over insecure networks, including the Internet. Unfortunately, this goal has been thwarted a number of times throughout the protocol's tumultuous lifetime, resulting in the need for a new version of the protocol, namely TLS 1.3. Over the past three years, ...
Keywords: symbolic verification, authenticated key exchange, tls~1.3

3
October 2017 FMCAD '17: Proceedings of the 17th Conference on Formal Methods in Computer-Aided Design
Publisher: FMCAD Inc
Bibliometrics:
Citation Count: 0

In this talk I will present the Tamarin Prover, an analysis tool for symbolic security analysis of systems. A prime example of systems that fall within its scope are security protocols that are executed in the presence of an active attacker. Tamarins state-of-the-art analysis of such systems requires dealing with ...

4
April 2017 International Journal of Information Security: Volume 16 Issue 2, April 2017
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 0

Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority and its behaviour. However, there are several well-known and realistic attacks on AKE protocols which exploit various forms of malicious key registration and which therefore lie outside the scope ...
Keywords: Invalid public keys, Unknown key share (UKS) attacks, 94A60, Authenticated key exchange (AKE), PKI, Certification authority (CA)

5
November 2016 International Journal of Information Security: Volume 15 Issue 6, November 2016
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 0

We provide the first systematic analysis of the ISO/IEC 11770 standard for key management techniques (2009, 2009), which describes a set of key establishment, key agreement, and key transport protocols. We analyse the claimed security properties, as well as additional modern requirements on key management protocols, for over 30 protocols ...
Keywords: Formal analysis, Security protocols, ISO, Protocol standards

6
May 2015 ICSE '15: Proceedings of the 37th International Conference on Software Engineering - Volume 2
Publisher: IEEE Press
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 2,   Downloads (12 Months): 20,   Downloads (Overall): 38

Full text available: PDFPDF
We report upon our experiences in developing and delivering a programme of part-time education in Software and Systems Security at the University of Oxford. The MSc in Software and Systems Security is delivered as part of the Software Engineering Programme at Oxford --- a collection of one-week intensive courses aimed ...

7
January 2015 Designs, Codes and Cryptography: Volume 74 Issue 1, January 2015
Publisher: Kluwer Academic Publishers
Bibliometrics:
Citation Count: 5

We show that it is possible to achieve perfect forward secrecy (PFS) in two-message or one-round key exchange (KE) protocols even in the presence of very strong active adversaries that can reveal random values of sessions and compromise long-term secret keys of parties. We provide two new game-based security models ...
Keywords: 94A60 Cryptography, Actor compromise, Ephemeral-key reveal, Key exchange, Perfect forward secrecy, Protocol transformations, Security models

8 published by ACM
November 2014 ACM Transactions on Information and System Security (TISSEC): Volume 17 Issue 2, November 2014
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 9,   Downloads (12 Months): 56,   Downloads (Overall): 380

Full text available: PDFPDF
We present a symbolic framework, based on a modular operational semantics, for formalizing different notions of compromise relevant for the design and analysis of cryptographic protocols. The framework’s rules can be combined to specify different adversary capabilities, capturing different practically-relevant notions of key and state compromise. The resulting adversary models ...
Keywords: Security protocols, threat models, adversary models, automated analysis

9 published by ACM
November 2014 CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security
Publisher: ACM
Bibliometrics:
Citation Count: 10
Downloads (6 Weeks): 14,   Downloads (12 Months): 103,   Downloads (Overall): 490

Full text available: PDFPDF
We present ARPKI, a public-key infrastructure that ensures that certificate-related operations, such as certificate issuance, update, revocation, and validation, are transparent and accountable. ARPKI is the first such infrastructure that systematically takes into account requirements identified by previous research. Moreover, ARPKI is co-designed with a formal model, and we verify ...
Keywords: attack resilience, public log servers, public-key infrastructure, tls, certificate validation, formal validation

10
July 2014 CSF '14: Proceedings of the 2014 IEEE 27th Computer Security Foundations Symposium
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 1

Despite Alice's best efforts, her long-term secret keys may be revealed to an adversary. Possible reasons include weakly generated keys, compromised key storage, subpoena, and coercion. However, Alice may still be able to communicate securely with other parties, depending on the protocol used. We call the associated property resilience against ...
Keywords: Security protocols, security properties, Key Compromise Impersonation, adversary models, TLS, SSH

11
May 2014 SP '14: Proceedings of the 2014 IEEE Symposium on Security and Privacy
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 1

We advance the state-of-the-art in automated symbolic cryptographic protocol analysis by providing the first algorithm that can handle Diffie-Hellman exponentiation, bilinear pairing, and AC-operators. Our support for AC-operators enables protocol specifications to use multisets, natural numbers, and finite maps. We implement the algorithm in the Tamarin prover and provide the ...

12
November 2013 Journal of Computer Security - Security and Trust Principles: Volume 21 Issue 6, November 2013
Publisher: IOS Press
Bibliometrics:
Citation Count: 4

We formally analyze the family of entity authentication protocols defined by the ISO/IEC 9798 standard and find numerous weaknesses, both old and new, including some that violate even the most basic authentication guarantees. We analyze the cause of these weaknesses, propose repaired versions of the protocols, and provide automated, machine-checked ...

13
July 2013 CAV 2013: Proceedings of the 25th International Conference on Computer Aided Verification - Volume 8044
Publisher: Springer-Verlag New York, Inc.
Bibliometrics:
Citation Count: 0

The Tamarin prover supports the automated, unbounded, symbolic analysis of security protocols. It features expressive languages for specifying protocols, adversary models, and properties, and support for efficient deduction and equational reasoning. We provide an overview of the tool and its applications.

14
July 2013 CAV'13: Proceedings of the 25th international conference on Computer Aided Verification
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 17

The Tamarin prover supports the automated, unbounded, symbolic analysis of security protocols. It features expressive languages for specifying protocols, adversary models, and properties, and support for efficient deduction and equational reasoning. We provide an overview of the tool and its applications.

15
January 2013 Journal of Computer Security: Volume 21 Issue 1, January 2013
Publisher: IOS Press
Bibliometrics:
Citation Count: 2

We embed an untyped security protocol model in the interactive theorem prover Isabelle/HOL and derive a theory for constructing proofs of secrecy and authentication properties. Our theory is based on two key ingredients. The first is an inference rule for enumerating the possible origins of messages known to the intruder. ...
Keywords: Formal Methods, Security Protocols, Automatic Proof Generation, Theorem Proving

16
October 2012
Bibliometrics:
Citation Count: 4

Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or modifying the messages. However, using cryptography is not enough to ensure their correctness. Combined with their typical small size, which suggests ...

17
June 2012 CSF '12: Proceedings of the 2012 IEEE 25th Computer Security Foundations Symposium
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 15

We present a general approach for the symbolic analysis of security protocols that use Diffie-Hellman exponentiation to achieve advanced security properties. We model protocols as multiset rewriting systems and security properties as first-order formulas. We analyze them using a novel constraint-solving algorithm that supports both falsification and verification, even in ...
Keywords: Formal Methods for Security, Security Models, Security Protocols, Key Exchange Protocols, Diffie-Hellman

18
May 2012 SP '12: Proceedings of the 2012 IEEE Symposium on Security and Privacy
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 26

After several years of theoretical research on distance bounding protocols, the first implementations of such protocols have recently started to appear. These protocols are typically analyzed with respect to three types of attacks, which are historically known as Distance Fraud, Mafia Fraud, and Terrorist Fraud. We define and analyze a ...
Keywords: Distance bounding, location verification, position verification, attacks, hijacking, multi-prover environment, formal model, formal verification

19
March 2012 POST'12: Proceedings of the First international conference on Principles of Security and Trust
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 2

We formally analyze the family of entity authentication protocols defined by the ISO/IEC 9798 standard and find numerous weaknesses, both old and new, including some that violate even the most basic authentication guarantees. We analyse the cause of these weaknesses, propose repaired versions of the protocols, and provide automated, machine-checked ...

20
September 2011 ESORICS'11: Proceedings of the 16th European conference on Research in computer security
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 7

The IPsec standard aims to provide application-transparent end-to-end security for the Internet Protocol. The security properties of IPsec critically depend on the underlying key exchange protocols, known as IKE (Internet Key Exchange). We provide the most extensive formal analysis so far of the current IKE versions, IKEv1 and IKEv2. We ...
Keywords: IKEv2, IPsec, formal analysis, IKEv1, multi-protocol attacks, IKE, protocol interaction, security protocols



The ACM Digital Library is published by the Association for Computing Machinery. Copyright © 2018 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us