{"id":"https://openalex.org/W2081888787","doi":"https://doi.org/10.1145/2046707.2046745","title":"Extracting and verifying cryptographic models from C protocol code by symbolic execution","display_name":"Extracting and verifying cryptographic models from C protocol code by symbolic execution","publication_year":2011,"publication_date":"2011-10-17","ids":{"openalex":"https://openalex.org/W2081888787","doi":"https://doi.org/10.1145/2046707.2046745","mag":"2081888787"},"language":"en","primary_location":{"id":"doi:10.1145/2046707.2046745","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2046707.2046745","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th ACM conference on Computer and communications security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://www.research.ed.ac.uk/en/publications/fe9dd3ba-8761-492d-99d2-f8f0678fcc95","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054057089","display_name":"Mihhail Aizatulin","orcid":null},"institutions":[{"id":"https://openalex.org/I204136569","display_name":"The Open University","ror":"https://ror.org/05mzfcs16","country_code":"GB","type":"education","lineage":["https://openalex.org/I204136569"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Mihhail Aizatulin","raw_affiliation_strings":["The Open University, Milton Keynes, United Kingdom","(The Open University, Milton Keynes, United Kingdom)"],"affiliations":[{"raw_affiliation_string":"The Open University, Milton Keynes, United Kingdom","institution_ids":["https://openalex.org/I204136569"]},{"raw_affiliation_string":"(The Open University, Milton Keynes, United Kingdom)","institution_ids":["https://openalex.org/I204136569"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078684560","display_name":"Andrew D. Gordon","orcid":"https://orcid.org/0000-0002-5809-2484"},"institutions":[{"id":"https://openalex.org/I4210164937","display_name":"Microsoft Research (United Kingdom)","ror":"https://ror.org/05k87vq12","country_code":"GB","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210164937"]},{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["GB","US"],"is_corresponding":false,"raw_author_name":"Andrew D. Gordon","raw_affiliation_strings":["Microsoft Research, Cambridge, United Kingdom","Microsoft Research, Cambridge, United Kingdom ("],"affiliations":[{"raw_affiliation_string":"Microsoft Research, Cambridge, United Kingdom","institution_ids":["https://openalex.org/I4210164937"]},{"raw_affiliation_string":"Microsoft Research, Cambridge, United Kingdom (","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029120753","display_name":"Jan J\u00fcrjens","orcid":"https://orcid.org/0000-0002-8938-0470"},"institutions":[{"id":"https://openalex.org/I4210163630","display_name":"Fraunhofer Institute for Software and Systems Engineering","ror":"https://ror.org/058kjq542","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210163630","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I200332995","display_name":"TU Dortmund University","ror":"https://ror.org/01k97gp34","country_code":"DE","type":"education","lineage":["https://openalex.org/I200332995"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jan J\u00fcrjens","raw_affiliation_strings":["TU Dortmund &amp; Fraunhofer ISST, Dortmund, Germany"],"affiliations":[{"raw_affiliation_string":"TU Dortmund &amp; Fraunhofer ISST, Dortmund, Germany","institution_ids":["https://openalex.org/I200332995","https://openalex.org/I4210163630"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5054057089"],"corresponding_institution_ids":["https://openalex.org/I204136569"],"apc_list":null,"apc_paid":null,"fwci":9.4067,"has_fulltext":false,"cited_by_count":57,"citation_normalized_percentile":{"value":0.97931652,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"331","last_page":"340"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8527079820632935},{"id":"https://openalex.org/keywords/soundness","display_name":"Soundness","score":0.8120892643928528},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.6980078816413879},{"id":"https://openalex.org/keywords/symbolic-execution","display_name":"Symbolic execution","score":0.6174384951591492},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5698926448822021},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5665732026100159},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.5376800894737244},{"id":"https://openalex.org/keywords/cryptographic-primitive","display_name":"Cryptographic primitive","score":0.5225105285644531},{"id":"https://openalex.org/keywords/rewriting","display_name":"Rewriting","score":0.5199300646781921},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5183416604995728},{"id":"https://openalex.org/keywords/process-calculus","display_name":"Process calculus","score":0.5132675170898438},{"id":"https://openalex.org/keywords/secrecy","display_name":"Secrecy","score":0.4815116822719574},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.4722817838191986},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.4662562608718872},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.44959983229637146},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.2298409640789032},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.2248629331588745},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2087213397026062},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.11313262581825256}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8527079820632935},{"id":"https://openalex.org/C39920170","wikidata":"https://www.wikidata.org/wiki/Q693083","display_name":"Soundness","level":2,"score":0.8120892643928528},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.6980078816413879},{"id":"https://openalex.org/C2779639559","wikidata":"https://www.wikidata.org/wiki/Q7661178","display_name":"Symbolic execution","level":3,"score":0.6174384951591492},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5698926448822021},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5665732026100159},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.5376800894737244},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.5225105285644531},{"id":"https://openalex.org/C154690210","wikidata":"https://www.wikidata.org/wiki/Q1668499","display_name":"Rewriting","level":2,"score":0.5199300646781921},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5183416604995728},{"id":"https://openalex.org/C161771561","wikidata":"https://www.wikidata.org/wiki/Q1970286","display_name":"Process calculus","level":2,"score":0.5132675170898438},{"id":"https://openalex.org/C2776452267","wikidata":"https://www.wikidata.org/wiki/Q1503443","display_name":"Secrecy","level":2,"score":0.4815116822719574},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.4722817838191986},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.4662562608718872},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.44959983229637146},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.2298409640789032},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.2248629331588745},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2087213397026062},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.11313262581825256},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/2046707.2046745","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2046707.2046745","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th ACM conference on Computer and communications security","raw_type":"proceedings-article"},{"id":"pmh:oai:publica.fraunhofer.de:publica/373784","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/373784","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"},{"id":"pmh:oai:pure.ed.ac.uk:openaire/fe9dd3ba-8761-492d-99d2-f8f0678fcc95","is_oa":true,"landing_page_url":"https://www.research.ed.ac.uk/en/publications/fe9dd3ba-8761-492d-99d2-f8f0678fcc95","pdf_url":null,"source":{"id":"https://openalex.org/S4406922455","display_name":"Edinburgh Research Explorer","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Aizatulin, M, Gordon, A D & J\u00fcrjens, J 2011, Extracting and verifying cryptographic models from C protocol code by symbolic execution. in Proceedings of the 18th ACM conference on Computer and communications security. New York, NY, USA, pp. 331-340. https://doi.org/10.1145/2046707.2046745","raw_type":"contributionToPeriodical"},{"id":"pmh:oai:pure.ed.ac.uk:publications/fe9dd3ba-8761-492d-99d2-f8f0678fcc95","is_oa":false,"landing_page_url":"http://dl.acm.org/citation.cfm?doid=2046707.2046745","pdf_url":null,"source":{"id":"https://openalex.org/S4406922455","display_name":"Edinburgh Research Explorer","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":""}],"best_oa_location":{"id":"pmh:oai:pure.ed.ac.uk:openaire/fe9dd3ba-8761-492d-99d2-f8f0678fcc95","is_oa":true,"landing_page_url":"https://www.research.ed.ac.uk/en/publications/fe9dd3ba-8761-492d-99d2-f8f0678fcc95","pdf_url":null,"source":{"id":"https://openalex.org/S4406922455","display_name":"Edinburgh Research Explorer","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Aizatulin, M, Gordon, A D & J\u00fcrjens, J 2011, Extracting and verifying cryptographic models from C protocol code by symbolic execution. in Proceedings of the 18th ACM conference on Computer and communications security. New York, NY, USA, pp. 331-340. https://doi.org/10.1145/2046707.2046745","raw_type":"contributionToPeriodical"},"sustainable_development_goals":[{"score":0.7799999713897705,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W92576581","https://openalex.org/W157156687","https://openalex.org/W200131369","https://openalex.org/W1483411077","https://openalex.org/W1496433309","https://openalex.org/W1532236297","https://openalex.org/W1710734607","https://openalex.org/W1973054120","https://openalex.org/W2011086847","https://openalex.org/W2029693536","https://openalex.org/W2036961426","https://openalex.org/W2043100293","https://openalex.org/W2053014980","https://openalex.org/W2055259417","https://openalex.org/W2061106457","https://openalex.org/W2066183757","https://openalex.org/W2072210640","https://openalex.org/W2101512909","https://openalex.org/W2105506683","https://openalex.org/W2107089133","https://openalex.org/W2108978217","https://openalex.org/W2112018008","https://openalex.org/W2114189125","https://openalex.org/W2117064875","https://openalex.org/W2118870447","https://openalex.org/W2123364806","https://openalex.org/W2137402267","https://openalex.org/W2148662736","https://openalex.org/W2149302272","https://openalex.org/W2155230502","https://openalex.org/W2161011930","https://openalex.org/W2161706819","https://openalex.org/W2163499368","https://openalex.org/W2164284862","https://openalex.org/W2164674422","https://openalex.org/W2167104015","https://openalex.org/W2168151327","https://openalex.org/W2169908972","https://openalex.org/W2170630946","https://openalex.org/W2405120281","https://openalex.org/W3012853919","https://openalex.org/W4210300416","https://openalex.org/W6603841182","https://openalex.org/W6606430823"],"related_works":["https://openalex.org/W4388685763","https://openalex.org/W111782126","https://openalex.org/W18781025","https://openalex.org/W2952519015","https://openalex.org/W1971318400","https://openalex.org/W2199032704","https://openalex.org/W1976558359","https://openalex.org/W1496433309","https://openalex.org/W1938475825","https://openalex.org/W4240634662"],"abstract_inverted_index":{"Consider":[0],"the":[1,35,43,48,116],"problem":[2],"of":[3,7,29,121],"verifying":[4],"security":[5,69],"properties":[6,70],"a":[8,22,56,95],"cryptographic":[9],"protocol":[10,24,64],"coded":[11],"in":[12,112],"C.":[13],"We":[14,74,92],"propose":[15],"an":[16,62],"automatic":[17],"solution":[18],"that":[19],"needs":[20],"neither":[21],"pre-existing":[23],"description":[25],"nor":[26],"manual":[27],"annotation":[28],"source":[30],"code.":[31,132],"First,":[32],"symbolically":[33],"execute":[34],"C":[36,131],"program":[37],"to":[38,54,67,80,85,104],"obtain":[39,55],"symbolic":[40],"descriptions":[41],"for":[42,83,126],"network":[44],"messages":[45],"sent":[46],"by":[47],"protocol.":[49],"Second,":[50],"apply":[51],"algebraic":[52],"rewriting":[53],"process":[57],"calculus":[58],"description.":[59],"Third,":[60],"run":[61],"existing":[63,81],"analyser":[65],"(ProVerif)":[66],"prove":[68],"or":[71],"find":[72],"attacks.":[73],"formalise":[75],"our":[76,100],"algorithm":[77],"and":[78,124],"appeal":[79],"results":[82,101,111],"ProVerif":[84],"establish":[86],"computational":[87],"soundness":[88],"under":[89],"suitable":[90],"circumstances.":[91],"analyse":[93],"only":[94],"single":[96],"execution":[97,128],"path,":[98],"so":[99],"are":[102],"limited":[103],"protocols":[105],"with":[106],"no":[107],"significant":[108],"branching.":[109],"The":[110],"this":[113],"paper":[114],"provide":[115],"first":[117],"computationally":[118],"sound":[119],"verification":[120],"weak":[122],"secrecy":[123],"authentication":[125],"(single":[127],"paths":[129],"of)":[130]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":6},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":5},{"year":2014,"cited_by_count":5},{"year":2013,"cited_by_count":5},{"year":2012,"cited_by_count":9}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}