Research / Groupings / Formal Verification And Security / Security Protocols

Security Protocols

We are developing formalisms and theories for the modelling of security protocols, as well as methods and software tools for their analysis. The importance of this work lies in the ability to analyse a complex design, before the actual hardware or software component has been manufactured and deployed. The effort spent on deriving a model and analysing it results in an assurance that the end product does indeed satisfy its security objectives. Our current research focuses on privacy properties as found in trusted computing, contract signing and electronic voting protocols.

People: Myrto Arapinis, Tom Chothia, Tien Tuan Anh Dinh, Aybek Mukhamedov, Eike Ritter, Mark Ryan, Annie Salaiwarakul, Matthew Smart, Ben Smyth.

Publications

19 publications:

[DelauneKremerRyan2009EVoting] Stéphanie Delaune, Steve Kremer and Mark Ryan. Verifying Privacy-type Properties of Electronic Voting Protocols. Journal of Computer Security, pages 435-487, IOS Press. 2009.
[MukhamedovRyan2008] Aybek Mukhamadov and Mark Ryan. Fair Multi-party Contract Signing using Private Contract Signatures. Information and Computation, pages 272-290. 2008.
[ChenRyan2008] Liqun Chen and Mark Ryan. Offline dictionary attack on TCG TPM weak authorisation data, and solution. In D. Grawrock and H. Reimer and A. Sadeghi and C. Vishik (editors) Future of Trust in Computing, Vieweg & Teubner. 2008.
[SalaiwarakulRyan2008] Anongporn Salaiwarakul and Mark Ryan. Verification of Integrity and Secrecy Properties of a biometric Authentication Protocol. In Fourth Information Security Practice and Experience Conference (ISPEC'08), Springer. 2008.
[MukhamedovRyan2008Escrow] Aybek Mukhamedov and Mark Ryan. Anonymity protocol with identity escrow, and analysis in the applied pi calculus. Submitted TSC. 2008.
[DelauneKremerRyan2008] Stéphanie Delaune, Steve Kremer and Mark Ryan. Composition of Password-based Protocols. In 21st IEEE Computer Security Foundations Symposium, IEEE Computer Society Press. 2008.
[SalaiwarakulRyan2008Biometric] Anongporn Salaiwarakul and Mark Ryan. Analysis of a Biometric Authentication Protocol for Signature Creation Application. In Third International Workshop on Security (IWSEC'08), Springer. 2008.
[ICICS08] Liqun Chen and Mark Dermot Ryan and Guilin Wang. Information and Communications Security. 2008.
[DAAsrc07] Ben Smyth, Mark Ryan and Liqun Chen. Direct Anonymous Attestation (DAA): Ensuring privacy with corrupt administrators. In F. Stajano (editor) ESAS'07: Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks, volume 4572 of Lecture Notes in Computer Science, pages 218--231, Springer-Verlag. 2007. [pdf] [bib]
[DelauneKremerRyan2007] Stéphanie Delaune, Steve Kremer and Mark Ryan. Symbolic bisimulation for the applied pi calculus. In Foundations of Software Technology and Theoretical Computer Science (FSTTCS'07), Springer. 2007.
[DelauneKremerRyan2007abs] Stéphanie Delaune, Steve Kremer and Mark Ryan. Symbolic bisimulation for the applied pi calculus (extended abstract). In International Workshop on Security Issues in Concurrency, Springer. 2007.
[MukhamedovRyan2007Escrow] Aybek Mukhamedov and Mark Ryan. Anonymity protocol with identity escrow, and analysis in the applied pi calculus. In G. Barthe and C. Fournet (editors) Trustworthy Global Computing, Springer. 2007.
[MukhamedovRyan2007Contract] Aybek Mukhamedov and Mark Ryan. Improved multi-party contract signing. In Financial Cryptography and Data Security, volume 4889 of LNCS, pages 179-191, Springer. 2007.
[MukhamedovRyan2006] Aybek Mukhamedov and Mark Ryan. Resolve-Impossibility for a Contract-Signing Protocol. In 19th Computer Security Foundations Workshop (CSFW), pages 167-176, IEEE Computer Society Press. 2006.
[DelauneKremerRyan2006Coercion] Stéphanie Delaune, Steve Kremer and Mark Ryan. Coercion-resistance and Receipt-freeness in Electronic Voting. In 19th Computer Security Foundations Workshop (CSFW), pages 28-42, IEEE Computer Society Press. 2006.
[DelauneKremerRyan2006VerifyingVoting] Stéphanie Delaune, Steve Kremer and Mark Ryan. Verifying properties of electronic voting protocols. In David Chaum and Ron Rivest and Markus Jakobsson and Berry Schoenmakers and Peter Ryan and Josh Benaloh and Mirek Kutylowski (editors) Towards Trustworthy Election Systems. 2006.
[MukhamedovRyan2005] Aybek Mukhamedov and Mark Ryan. On Anonymity with Identity Escrow. In Proceedings of the Third international Workshop on Formal Aspects in Security and Trust (FAST2005), volume 3866 of LNCS, pages 235-243, Springer. 2005.
[KremerRyan2005] Steve Kremer and Mark Ryan. Analysis of an Electronic Voting Protocol in the Applied Pi Calculus. In Proceedings of the European Symposium on Programming (ESOP'05), pages 186-200, Springer. Lecture Notes in Computer Science series. 2005.
[KremerRyan2004] Steve Kremer and Mark Ryan. Analysing the vulnerability of protocols to produce known-pair and chosen-text attacks. In Proceedings of the 2nd International Workshop on Security Issues in Coordination Models, Languages, and Systems (SecCo 2004), pages 87-104. Electronic Notes in Theoretical Computer Science - Special Issue for CONCUR'04 Workshop on Security Issues in Coordination Models, Languages and Systems (SecCo'04). 2004.

University of Birmingham

Security Protocols

Publications