Security protocol verification has been a very active research area since the 1990s. This
paper surveys various approaches in this area, considering the verification in the symbolic …

Developers use cryptographic APIs in Android with the intent of securing data such as
passwords and personal information on mobile devices. In this paper, we ask whether …

ProVerif is an automatic symbolic protocol verifier. It supports a wide range of cryptographic
primitives, defined by rewrite rules or by equations. It can prove various security properties …

We describe a largely automated and systematic analysis of TLS implementations by what
we call 'protocol state fuzzing': we use state machine learning to infer state machines from …

Automated formal verification of security protocols has been mostly focused on analyzing
high-level abstract models which, however, are significantly different from real protocol …

Internet users today depend daily on HTTPS for secure communication with sites they intend
to visit. Over the years, many attacks on HTTPS and the certificate trust model it uses have …

We study the interaction of the programming construct “new,” which generates statically
scoped names, with communication via messages on channels. This interaction is crucial in …

TLS is the most important cryptographic protocol in use today. However, up to now there is
no complete cryptographic security proof in the standard model, nor in any other model. We …

This manual describes the ProVerif software package version 2.05. ProVerif is a tool for
automatically analyzing the security of cryptographic protocols. Support is provided for, but …

We present the design and implementation of a typechecker for verifying security properties
of the source code of cryptographic protocols and access control mechanisms. The …