Security Publications by Gavin Lowe

An Attack on the Needham-Schroeder Public-Key Authentication Protocol.

Gavin Lowe. Information Processing Letters, volume 56, number 3, pages 131-133.

Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR.

Gavin Lowe. In Tools and Algorithms for the Construction and Analysis of Systems, Margaria and Steffen (eds.), volume 1055 of Lecture Notes in Computer Science, Springer Verlag, pages 147-166, 1996.
Also in Software Concepts and Tools, 17:93-102, 1996.

Some New Attacks upon Security Protocols.

Gavin Lowe. Proceedings of 9th IEEE Computer Security Foundations Workshop, 1996.

A Hierarchy of Authentication Specifications.

Gavin Lowe. Proceedings of 10th IEEE Computer Security Foundations Workshop, 1997.

Also available as Department of Mathematics and Computer Science Technical Report 1996/33, University of Leicester, 1996.

Using CSP to Detect Errors in the TMN Protocol.

Gavin Lowe and Bill Roscoe.
In IEEE Transactions on Software Engineering, volume 23, number 10, 1997.
A preliminary version is available as Department of Mathematics and Computer Science Technical Report 1996/34, University of Leicester, 1996.

Casper: A Compiler for the Analysis of Security Protocols.

Gavin Lowe. Proceedings of 10th IEEE Computer Security Foundations Workshop, 1997. Also in Journal of Computer Security, Volume 6, pages 53-84, 1998.

A Family of Attacks upon Authentication Protocols.

Gavin Lowe. Department of Mathematics and Computer Science, Technical Report 1997/5, University of Leicester, 1997.

Towards a Completeness Result for Model Checking of Security Protocols.

Gavin Lowe. Journal of Computer Security, Volume 7, Numbers 2, 3, pages 89-146, 1999. Earlier versions appeared in Proceedings of 11th IEEE Computer Security Foundations Workshop, pages 96-105, 1998, and as Department of Mathematics and Computer Science, Technical Report 1998/6, University of Leicester, 1998.

Simplifying Transformations for Security Protocols.

Mei Lin Hui and Gavin Lowe. In Proceedings of 12th IEEE Computer Security Foundations Workshop, pages 32-43, 1999. Also available as Department of Mathematics and Computer Science, Technical Report 1999/1, University of Leicester, 1999.

Analyzing a Library of Security Protocols using Casper and FDR.

Ben Donovan, Paul Norris and Gavin Lowe. In Proceedings of the Workshop on Formal Methods and Security Protocols, 1999. Some of the Casper scripts are available here (gzipped, tarred directory).

How to Prevent Type Flaw Attacks on Security Protocols.

James Heather, Gavin Lowe and Steve Schneider. In Proceedings of 13th IEEE Computer Security Foundations Workshop, pages 255-268, 2000. Also available as Department of Mathematics and Computer Science, Technical Report 2000/2, University of Leicester, 2000.

Automating Data Independence.

Philippa Broadfoot, Gavin Lowe and Bill Roscoe. In Proceedings of ESORICS 2000, pages 175-190, 2000.

Fault-Preserving Simplifying Transformations for Security Protocols.

Mei Lin Hui and Gavin Lowe. Journal of Computer Security, volume 9, pages 3-46, 2001.

Modelling and Analysis of Security Protocols.

Peter Ryan, Steve Schneider, Michael Goldsmith, Gavin Lowe and Bill Roscoe. Addison-Wesley, 2001.

Quantifying Information Flow.

Gavin Lowe. In Proceedings of the 15th IEEE Computer Security Foundations Workshop, 2002.

Analysing Protocols Subject to Guessing Attacks.

Gavin Lowe. In Proceedings of the Workshop on Issues in the Theory of Security (WITS '02), 2002.

Analysing a Stream Authentication Protocol using Model Checking.

Philippa Broadfoot and Gavin Lowe. In Proceedings of the 7th European Symposium on Research in Computer Security (ESORICS), 2002. The CSP files associated with this paper are available here.

Using CSP to detect Insertion and Evasion Possibilities within the Intrusion Detection Area.

Gordon Rohrmair and Gavin Lowe. In Proceedings of BCS Workshop on Formal Aspects of Security, 2002.

How to Prevent Type Flaw Attacks on Security Protocols.

James Heather, Gavin Lowe and Steve Schneider. In Journal of Computer Security, Volume 11, Number 2, 2003.

On Distributed Security Transactions that use Secure Transport Protocols.

Philippa Broadfoot and Gavin Lowe. In Proceedings of the 16th IEEE Computer Security Foundations Workshop, 2003.

Using Data-Independence in the Analysis of Intrusion Detection Systems.

Gordon Rohrmair and Gavin Lowe. In Proceedings of the Workshop on Issues in the Theory of Security (WITS '03), 2003.

Analysing Protocols Subject to Guessing Attacks.

Gavin Lowe. In Journal of Computer Security, Volume 12, Number 1, 2004.

Semantic Models for Information Flow.

Gavin Lowe. In Theoretical Computer Science, Volume 315, pages 209-256, 2004.

Defining Information Flow Quantity.

Gavin Lowe. In Journal of Computer Security, Volume 12, Numbers 3, 4, 2004.

On a Calculus for Security Protocol Development.

Gavin Lowe and Michael Auty. Technical Report. 2005