A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client Hello

Published: 07 November 2022

Abstract

TLS 1.3, the newest version of the Transport Layer Security (TLS) protocol, provides strong authentication and confidentiality guarantees that have been comprehensively analyzed in a variety of formal models. However, despite its controversial use of handshake meta-data encryption, the privacy guarantees of TLS 1.3 remain weak and poorly understood. For example, the protocol reveals the identity of the target server to network attackers, allowing the passive surveillance and active censorship of TLS connections. To close this gap, the IETF TLS working group is standardizing a new privacy extension called Encrypted Client Hello (ECH, previously called ESNI), but the absence of a formal privacy model makes it hard to verify that this extension works. Indeed, several early drafts of ECH were found to be vulnerable to active network attacks.

In this paper, we present the first mechanized formal analysis of privacy properties for the TLS 1.3 handshake. We study all standard modes of TLS 1.3, with and without ECH, using the symbolic protocol analyzer ProVerif. We discuss attacks on ECH, some found during the course of this study, and show how they are accounted for in the latest version. Our analysis has helped guide the standardization process for ECH and we provide concrete privacy recommendations for TLS implementors. We also contribute the most comprehensive model of TLS 1.3 to date, which can be used by designers experimenting with new extensions to the protocol. Ours is one of the largest privacy proofs attempted using an automated verification tool and may be of general interest to protocol analysts.
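The plaintext-SNI leak the abstract refers to, shown on the wire, as an added example that is not part of the paper or its ProVerif models: a small Python builder and parser for a TLS 1.3 ClientHello record that reports what a passive observer learns with and without ECH. The host names, the placeholder ECH ciphertext and the single cipher suite are constructed for the example; the extension codepoint 0xfe0d is the encrypted_client_hello value used from draft-ietf-tls-esni-13 onward, and the HPKE encryption of the inner ClientHello is not modelled, only its presence on the wire as an opaque extension body.

```python
import struct
from typing import Optional

EXT_SNI = 0x0000   # server_name (RFC 6066)
EXT_ECH = 0xFE0D   # encrypted_client_hello (draft-ietf-tls-esni-13 and later)


def _ext(ext_type: int, body: bytes) -> bytes:
    """Encode one extension: 2-byte type, 2-byte length, body."""
    return struct.pack("!HH", ext_type, len(body)) + body


def _sni_ext(host: str) -> bytes:
    """server_name extension carrying a single host_name entry."""
    name = host.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name   # name_type 0 = host_name
    return _ext(EXT_SNI, struct.pack("!H", len(entry)) + entry)


def build_client_hello(sni_host: str, ech_payload: Optional[bytes] = None) -> bytes:
    """Minimal TLS 1.3 ClientHello in a handshake record (constructed for this example).

    With ECH, sni_host plays the role of the ECHConfig public_name and ech_payload
    stands in for the HPKE-encrypted inner ClientHello that carries the real name.
    """
    exts = _sni_ext(sni_host)
    if ech_payload is not None:
        exts += _ext(EXT_ECH, ech_payload)
    body = (
        b"\x03\x03"                  # legacy_version
        + bytes(32)                  # random (zeros here; a real client uses a CSPRNG)
        + b"\x00"                    # empty legacy_session_id
        + b"\x00\x02\x13\x01"        # one cipher suite: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                # legacy_compression_methods: null only
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # msg_type client_hello
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


def observe(record: bytes) -> dict:
    """What a passive observer on the path learns from one ClientHello record."""
    if record[0] != 0x16:
        raise ValueError("not a handshake record")
    (rec_len,) = struct.unpack("!H", record[3:5])
    hs = record[5:5 + rec_len]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                   # skip legacy_version and random
    pos += 1 + body[pos]                           # skip legacy_session_id
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2 + cs_len                              # skip cipher_suites
    pos += 1 + body[pos]                           # skip compression methods
    (ext_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    end = pos + ext_len
    seen = {"sni": None, "ech": False}
    while pos < end:
        ext_type, length = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        data = body[pos:pos + length]
        pos += length
        if ext_type == EXT_SNI:
            # ServerNameList: 2-byte list length, then name_type(1), name length(2), name
            (name_len,) = struct.unpack("!H", data[3:5])
            seen["sni"] = data[5:5 + name_len].decode("ascii")
        elif ext_type == EXT_ECH:
            seen["ech"] = True
    return seen


if __name__ == "__main__":
    # Without ECH the real server name travels in the clear.
    print(observe(build_client_hello("secret.example")))
    # With ECH the outer SNI is the public_name; the real name sits inside the
    # (here constructed, placeholder) encrypted inner ClientHello.
    print(observe(build_client_hello("public.example", ech_payload=b"\x00" * 48)))
```

The point the parser makes visible is that ECH does not hide the fact that ECH is in use: the observer still sees the destination address, the outer server_name and an encrypted_client_hello extension. What it no longer sees is which of the names behind that public_name the client actually wants, which is exactly the property the paper's privacy model has to state precisely before ProVerif can check it.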



Published In

CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
November 2022, 3598 pages
ISBN: 9781450394505
DOI: 10.1145/3548606

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery, New York, NY, United States


    Author Tags

    1. ech
    2. formal analysis
    3. privacy
    4. protocol security
    5. tls
    6. verification

    Qualifiers

    • Research-article

    Funding Sources

    • ANR

    Conference

    CCS '22

    Acceptance Rates

    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%


Cited By

• (2024) How to Formalize Loop Iterations in Cryptographic Protocols Using ProVerif. IEEE Access 12, 31605-31625. DOI: 10.1109/ACCESS.2024.3368453
• (2023) Unknown Traffic Recognition Based on Multi-Feature Fusion and Incremental Learning. Applied Sciences 13(13), 7649. DOI: 10.3390/app13137649
• (2023) Verifying Indistinguishability of Privacy-Preserving Protocols. Proceedings of the ACM on Programming Languages 7(OOPSLA2), 1442-1469. DOI: 10.1145/3622849
• (2023) A First Look at SVCB and HTTPS DNS Resource Records in the Wild. 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 470-474. DOI: 10.1109/EuroSPW59978.2023.00058
• (2023) Automatic verification of transparency protocols. 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), 107-121. DOI: 10.1109/EuroSP57164.2023.00016
• (2023) Indistinguishability Beyond Diff-Equivalence in ProVerif. 2023 IEEE 36th Computer Security Foundations Symposium (CSF), 184-199. DOI: 10.1109/CSF57540.2023.00036
• (2023) Election Verifiability with ProVerif. 2023 IEEE 36th Computer Security Foundations Symposium (CSF), 43-58. DOI: 10.1109/CSF57540.2023.00032
• (2023) Proving Unlinkability Using ProVerif Through Desynchronised Bi-Processes. 2023 IEEE 36th Computer Security Foundations Symposium (CSF), 75-90. DOI: 10.1109/CSF57540.2023.00022
