User menu

Accès à distance ? S'identifier sur le proxy UCLouvain

Formal Analysis of the FIDO 1.x Protocol

Primary tabs

download
  • Open access
  • PDF
  • 416.12 K
Rochet, Florentin [UCL] Pereira, Olivier [UCL] Wiedling, Cyrille [UCL]
Document type Communication à un colloque (Conference Paper) – Présentation orale avec comité de sélection
Access type Accès libre
Publication date 2017
Language Anglais
Conference "10th International Symposium on Foundations & Practice of Security", nancy (France) (du 23/10/2017 au 25/10/2017)
Journal information "Lecture Notes in Computer Science" - , no.10723, p. 68-83 (2017)
Peer reviewed yes
Publisher Springer
Publication status Publié
Affiliation UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique
Links
  1. Armando Alessandro, Carbone Roberto, Compagna Luca, Cuellar Jorge, Tobarra Llanos, Formal analysis of SAML 2.0 web browser single sign-on : breaking the SAML-based single sign-on for google apps, 10.1145/1456396.1456397
  2. Abadi Martín, Fournet Cédric, Mobile values, new names, and secure communication, 10.1145/360204.360213
  3. FIDO Alliance: FIDO Documentation. https://fidoalliance.org/specifications/download/
  4. FIDO Alliance: Fido security reference, September 2016. https://fidoalliance.org/specs/fido-u2f-v1.1-id-20160915/fido-security-ref-v1.1-id-20160915.html
  5. FIDO Alliance: FIDO U2F JavaScript API, September 2016. https://fidoalliance.org/specs/fido-u2f-v1.1-id-20160915/fido-u2f-javascript-api-v1.1-id-20160915.html
  6. Bortolozzo Matteo, Centenaro Matteo, Focardi Riccardo, Steel Graham, Attacking and fixing PKCS#11 security tokens, 10.1145/1866307.1866337
  7. Bonneau Joseph, Herley Cormac, Oorschot Paul C. van, Stajano Frank, The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes, 10.1109/sp.2012.44
  8. Blanchet B., An efficient cryptographic protocol verifier based on prolog rules, 10.1109/csfw.2001.930138
  9. Chadha Rohit, Ciobâcă Ştefan, Kremer Steve, Automated Verification of Equivalence Properties of Cryptographic Protocols, Programming Languages and Systems (2012) ISBN:9783642288685 p.108-127, 10.1007/978-3-642-28869-2_6
  10. Cheval Vincent, APTE: An Algorithm for Proving Trace Equivalence, Tools and Algorithms for the Construction and Analysis of Systems (2014) ISBN:9783642548611 p.587-592, 10.1007/978-3-642-54862-8_50
  11. Cortier Véronique, Smyth Ben, Attacking and fixing Helios: An analysis of ballot secrecy, 10.3233/jcs-2012-0458
  12. Cortier Véronique, Wiedling Cyrille, A Formal Analysis of the Norwegian E-voting Protocol, Lecture Notes in Computer Science (2012) ISBN:9783642286407 p.109-128, 10.1007/978-3-642-28641-4_7
  13. Google: Chrome browser download. http://google-chrome.en.uptodown.com/ubuntu/old . Accessed 13 Jan 2016
  14. Groß Thomas, Pfitzmann Birgit, Sadeghi Ahmad-Reza, Browser Model for Security Analysis of Browser-Based Protocols, Computer Security – ESORICS 2005 (2005) ISBN:9783540289630 p.489-508, 10.1007/11555827_28
  15. Kremer Steve, Künnemann Robert, Automated analysis of security protocols with global state, 10.3233/jcs-160556
  16. Kremer Steve, Ryan Mark, Analysis of an Electronic Voting Protocol in the Applied Pi Calculus, Programming Languages and Systems (2005) ISBN:9783540254355 p.186-200, 10.1007/978-3-540-31987-0_14
  17. Künnemann Robert, Steel Graham, YubiSecure? Formal Security Analysis Results for the Yubikey and YubiHSM, Security and Trust Management (2013) ISBN:9783642380037 p.257-272, 10.1007/978-3-642-38004-4_17
  18. Küsters, R., Truderung, T.: Reducing protocol analysis with XOR to the XOR-free Case in the Horn Theory based approach. CoRR (2008)
  19. Lowe Gavin, Breaking and fixing the Needham-Schroeder Public-Key Protocol using FDR, Tools and Algorithms for the Construction and Analysis of Systems (1996) ISBN:9783540610427 p.147-166, 10.1007/3-540-61042-1_43
  20. Needham Roger M., Schroeder Michael D., Using encryption for authentication in large networks of computers, 10.1145/359657.359659
  21. Pfitzmann Birgit, Waidner Michael, Federated Identity-Management Protocols, Security Protocols (2005) ISBN:9783540283898 p.153-174, 10.1007/11542322_20
  22. Rochet, F.: Fido compliant library and Java web application example. https://github.com/frochet/java-u2flib-server . Accessed 13 Jan 2016
  23. Rochet, F.: Modified fido client as a chrome extension. https://github.com/frochet/u2f-ref-code . Accessed 13 Jan 2016
  24. Wiedling, C., Rochet, F., Pereira, O.: Proverif implementation of the fido protocol. https://git-crypto.elen.ucl.ac.be/frochet/fido_proverif
Bibliographic reference Rochet, Florentin ; Pereira, Olivier ; Wiedling, Cyrille. Formal Analysis of the FIDO 1.x Protocol.10th International Symposium on Foundations & Practice of Security (nancy (France), du 23/10/2017 au 25/10/2017). In: Lecture Notes in Computer Science, , no.10723, p. 68-83 (2017)
Permanent URL http://hdl.handle.net/2078.1/197245