Since wireless sensor networks (WSNs) have been designed to be deployed in an unsecured, public environment, secured communication is really vital for their wide-spread use. Among all of the communication protocols developed for WSN, the Security Protocols for Sensor Networks (SPINS) is exceptional, as it has been designed with security as a goal. SPINS is composed of two building blocks: Secur...

Usage of the Internet has increased rapidly over the past decade. Increased amount of network users has also brought along a need of network-based services that require security. Developing new security protocols is a difficult task and sometimes too difficult task for human mind. We need an efficient tools to help the development and verification of the protocols. In this paper we introduce th...

ZRTP is draft of key agreement protocol by Phil Zimmermann, which relies on a Di e-Hellman exchange to generate SRTP session parameters, providing con dentiality and protecting against Man-in-the-Middle attacks even without a public key infrastructure or endpoint certi cates. This is an analysis of the protocol performed with AVISPA and ProVerif, which tests security properties of ZRTP; in orde...

We have analysed the well-known BAN modified Andrew Secure RPC authentication protocol by means of the AVISPA Web tool considering all the available back-ends and with the basic configurations of sessions. The protocol has been found vulnerable to a replay/mutation attack based on homomorphism by one of the back-ends. In order to fix it, we integrated into the protocol a common solution, includ...

We present a formal analysis of the authentication protocol of Facebook Connect, the Single Sign-On service offered by the Facebook Platform which allows Facebook users to login to affiliated sites. Formal specification and verification have been carried out using the specification language HLPSL and AVISPA, a state-of-the-art verification tool for security protocols. AVISPA has revealed two se...

Formal validation of security protocols is of utmost importance before they gain market or academic acceptance. In particular, the results obtained from the formal validation of the improved Optimistic Fair Exchange Protocol based on Signature Policies (OFEPSP+) are presented. OFEPSP+ ensures that no party gains an unfair advantage over the other during the protocol execution, while substantial...

The AVISPA Tool is a push-button tool for the Automated Validation of Internet Security Protocols and Applications. It provides a modular and expressive formal language for specifying protocols and their security properties, and integrates different back-ends that implement a variety of automatic protocol analysis techniques. Experimental results, carried out on a large library of Internet secu...

Emerging e-commerce activity is giving scope for the design of many new protocols, and to gain confidence, these protocol need to be verified for its designed properties. Specifically protocol used in ecommerce transactions needs to be verified for their security properties. Verification of these protocols is done using the formal verification tools. AVISPA is one of the evolving tools used mai...