src/HOL/Auth/README.html

updated text

<HTML><HEAD><TITLE>HOL/Auth/README</TITLE></HEAD><BODY>

<H1>Auth--The Inductive Approach to Verifying Security Protocols</H1>

<P>Cryptographic protocols are of major importance, especially with the
growing use of the Internet.  This directory demonstrates the ``inductive
method'' of protocol verification, which is described in <A
HREF="http://www.cl.cam.ac.uk/users/lcp/papers/protocols.html">various
papers</A>.  The operational semantics of protocol participants is defined
inductively.

<P>This directory contains proofs concerning

<UL>
<LI>three versions of the Otway-Rees protocol

<LI>the Needham-Schroeder shared-key protocol

<LI>the Needham-Schroeder public-key protocol (original and with Lowe's
modification)

<LI>two versions of Kerberos: the simplified form published in the BAN paper
	and also the full protocol (Kerberos IV)

<LI>three versions of the Yahalom protocol, including a bad one that 
	illustrates the purpose of the Oops rule

<LI>a novel recursive authentication protocol 

<LI>the Internet protocol TLS

<LI>The certified e-mail protocol of Abadi et al.
</UL>

<P>Subdirectory <A HREF="Guard/">Guard</A> develops a theory of guardedness, by
Frederic Blanqui, and includes proofs of some roving agent protocols.

<HR>
<P>Last modified $Date$

<ADDRESS>
<A
HREF="http://www.cl.cam.ac.uk/users/lcp/">Larry Paulson</A>,
<A HREF="mailto:lcp@cl.cam.ac.uk">lcp@cl.cam.ac.uk</A>
</ADDRESS>
</BODY></HTML>