Home

Course description

Lecture notes

Assignments

Projects

Tools

Reference

CS 395T - Design and Analysis of Security Protocols (54302)

Fall 2004

Lecture notes

1. Course outline. Needham-Schroeder public-key protocol. Introduction to Murphi.   [PDF]
2. SSL/TLS case study.   [PDF]
3. Overview of IP security. Internet Key Exchange (IKE) protocol and predecessors.   [PDF]
4. Introduction to process algebra. Modeling security protocols in process calculi.   [PDF]
5. Just Fast Keying (JFK) protocol.   [PDF]
6. Security as observational equivalence. JFK protocol in applied pi calculus.   [PDF]
7. Protocols for anonymity.   [PDF]
8. Probabilistic model checking.   [PDF]
9. Probabilistic contract signing.   [PDF]
10. Compositional protocol logic.   [PDF]
11. Inductive method. Analyzing SET with the inductive method.   [PDF]
12. Symbolic constraint solving for security protocols.   [PDF]
13. Formal definitions of security for symmetric ciphers.   [PDF]
14. Formal model for secure key exchange. Simulatability-based proofs of protocol security.   [PDF]
15. Probabilistic polynomial-time process calculus.   [PDF]
16. Computational soundness of formal models.   [PDF]
17. Fair exchange and contract signing protocols.   [PDF]
18. Game-based verification of contract signing protocols.   [PDF]
19. Universal composability framework (presented by Glen Nuckolls).   [PDF]

Student projects

• Ajay Mahimkar. Game-based analysis of denial-of-service protection.   [PDF]
• David Rager. Modeling JFKr protocol with ACL2.   [PDF]
• Shamsundar Ashok. Analysis of Internet voting protocols.   [PDF]
• Justin Brickell. Privacy preserving graph algorithms.   [PDF]
• Harsha Narayan. Finite-state verification of BGP.
• Ankur Gupta. Verification of Group Diffie-Hellman protocols with ProVerif.   [PDF]

Student presentations

• Ajay Mahimkar. Formal model for denial of service (by Meadows).   [PDF]
• Harsha Narayan. Formal verification of routing protocols (by Bhargavan et al.).   [PDF]
• Ankur Gupta. Multicast security (by Canetti et al.).   [PDF]
• Kevin Kane. Web spoofing (by Felten et al. and Chou et al.).   [PDF]
• David Rager. Trusted computing (by Garfinkel et al.).   [PDF]
• Justin Brickell. Privacy preserving data mining (by Lindell and Pinkas).   [PDF]
• David Fink. Automatic proofs of strong secrecy (by Blanchet).   [PDF]
• Shamsundar Ashok. Security of 802.11 (by Borisov et al. and Arbaugh et al.).   [PDF]