{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T03:17:17Z","timestamp":1767928637843,"version":"3.49.0"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031514784","type":"print"},{"value":"9783031514791","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-51479-1_1","type":"book-chapter","created":{"date-parts":[[2024,1,11]],"date-time":"2024-01-11T07:02:33Z","timestamp":1704956553000},"page":"3-21","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Layered Symbolic Security Analysis in\u00a0$$\\textsf {DY}^\\star $$"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3152-8997","authenticated-orcid":false,"given":"Karthikeyan","family":"Bhargavan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3075-2743","authenticated-orcid":false,"given":"Abhishek","family":"Bichhawat","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5618-5663","authenticated-orcid":false,"given":"Pedram","family":"Hosseyni","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9071-9312","authenticated-orcid":false,"given":"Ralf","family":"K\u00fcsters","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6032-087X","authenticated-orcid":false,"given":"Klaas","family":"Pruiksma","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3776-5475","authenticated-orcid":false,"given":"Guido","family":"Schmitz","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6019-7130","authenticated-orcid":false,"given":"Clara","family":"Waldmann","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4729-0629","authenticated-orcid":false,"given":"Tim","family":"W\u00fcrtele","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,1,12]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Abate, C., et al.: SSProve: a foundational framework for modular cryptographic proofs in Coq. In: 2021 IEEE 34th Computer Security Foundations Symposium (CSF), pp. 1\u201315. IEEE Computer Society (2021)","DOI":"10.1109\/CSF51468.2021.00048"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Barbosa, M., et al.: SoK: computer-aided cryptography. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 777\u2013795 (2021). https:\/\/doi.ieeecomputersociety.org\/10.1109\/SP40001.2021.00008","DOI":"10.1109\/SP40001.2021.00008"},{"key":"1_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/978-3-642-22792-9_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"G Barthe","year":"2011","unstructured":"Barthe, G., Gr\u00e9goire, B., Heraud, S., B\u00e9guelin, S.Z.: Computer-aided security proofs for the working cryptographer. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 71\u201390. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_5"},{"issue":"2","key":"1_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1890028.1890031","volume":"33","author":"J Bengtson","year":"2011","unstructured":"Bengtson, J., Bhargavan, K., Fournet, C., Gordon, A.D., Maffeis, S.: Refinement types for secure implementations. ACM Trans. Program. Lang. Syst. (TOPLAS) 33(2), 1\u201345 (2011)","journal-title":"ACM Trans. Program. Lang. Syst. (TOPLAS)"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., et al.: DY*: a modular symbolic verification framework for executable cryptographic protocol code. In: IEEE European Symposium on Security and Privacy (EuroS&P), pp. 523\u2013542 (2021)","DOI":"10.1109\/EuroSP51992.2021.00042"},{"key":"1_CR6","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., et al.: An in-depth symbolic security analysis of the ACME standard. In: Kim, Y., Kim, J., Vigna, G., Shi, E. (eds.) CCS 2021: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, 15\u201319 November 2021, pp. 2601\u20132617. ACM (2021)","DOI":"10.1145\/3460120.3484588"},{"key":"1_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/978-3-030-91631-2_4","volume-title":"Protocols, Strands, and Logic","author":"K Bhargavan","year":"2021","unstructured":"Bhargavan, K., et al.: A tutorial-style introduction to DY*. In: Dougherty, D., Meseguer, J., M\u00f6dersheim, S.A., Rowe, P. (eds.) Protocols, Strands, and Logic. LNCS, vol. 13066, pp. 77\u201397. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-91631-2_4"},{"key":"1_CR8","unstructured":"Bhargavan, K., et al.: DY* layering source code (2023). https:\/\/publ.sec.uni-stuttgart.de\/esorics23-layered-symbolic-security-analysis-in-dystar-code.zip"},{"key":"1_CR9","unstructured":"Bhargavan, K., et al.: Layered symbolic security analysis in DY*. Technical report (2023). https:\/\/eprint.iacr.org\/2023\/1329"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Blanchet, B., Kobeissi, N.: Verified models and reference implementations for the TLS 1.3 standard candidate. In: IEEE S&P, pp. 483\u2013502 (2017)","DOI":"10.1109\/SP.2017.26"},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Fournet, C., Gordon, A.D.: Modular verification of security protocol code by typing. In: Proceedings of the 37th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 445\u2013456 (2010)","DOI":"10.1145\/1706299.1706350"},{"key":"1_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/978-3-662-44381-1_14","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"K Bhargavan","year":"2014","unstructured":"Bhargavan, K., Fournet, C., Kohlweiss, M., Pironti, A., Strub, P.-Y., Zanella-B\u00e9guelin, S.: Proving the TLS handshake secure (as it is). In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 235\u2013255. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44381-1_14"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Lavaud, A.D., Fournet, C., Pironti, A., Strub, P.Y.: Triple handshakes and cookie cutters: breaking and fixing authentication over TLS. In: 2014 IEEE Symposium on Security and Privacy (2014)","DOI":"10.1109\/SP.2014.14"},{"key":"1_CR14","unstructured":"Blanchet, B.: CryptoVerif: computationally sound mechanized prover for cryptographic protocols. In: Dagstuhl Seminar \u201cFormal Protocol Verification Applied, vol. 117, p. 156 (2007)"},{"key":"1_CR15","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1561\/3300000004","volume":"1","author":"B Blanchet","year":"2016","unstructured":"Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Found. Trends Priv. Secur. 1, 1\u2013135 (2016)","journal-title":"Found. Trends Priv. Secur."},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Proceedings of the 42nd Annual Symposium on Foundations of Computer Science (FOCS 2001), pp. 136\u2013145. IEEE Computer Society (2001)","DOI":"10.1109\/SFCS.2001.959888"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Canetti, R., Stoughton, A., Varia, M.: EasyUC: using EasyCrypt to mechanize proofs of universally composable security. In: 2019 IEEE 32th Computer Security Foundations Symposium (CSF), pp. 167\u2013183. IEEE Computer Society (2019)","DOI":"10.1109\/CSF.2019.00019"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Cheval, V., Cortier, V., Warinschi, B.: Secure composition of PKIs with public key protocols. In: 30th IEEE Computer Security Foundations Symposium, CSF 2017, Santa Barbara, CA, USA, 21\u201325 August 2017, pp. 144\u2013158. IEEE Computer Society (2017)","DOI":"10.1109\/CSF.2017.28"},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"Ciob\u00e2ca, S., Cortier, V.: Protocol composition for arbitrary primitives. In: 23rd IEEE Computer Security Foundations Symposium, pp. 322\u2013336 (2010)","DOI":"10.1109\/CSF.2010.29"},{"key":"1_CR20","doi-asserted-by":"crossref","unstructured":"Cremers, C., Horvat, M., Hoyland, J., Scott, S., van der Merwe, T.: A comprehensive symbolic analysis of TLS 1.3. In: ACM CCS, pp. 1773\u20131788 (2017)","DOI":"10.1145\/3133956.3134063"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"Delignat-Lavaud, A., et al.: Implementing and proving the TLS 1.3 record layer. In: IEEE S&P, pp. 463\u2013482 (2017)","DOI":"10.1109\/SP.2017.58"},{"issue":"2","key":"1_CR22","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","volume":"29","author":"D Dolev","year":"1983","unstructured":"Dolev, D., Yao, A.C.: On the security of public-key protocols. IEEE Trans. Inf. Theory 29(2), 198\u2013208 (1983)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"1_CR23","doi-asserted-by":"crossref","unstructured":"Fournet, C., Kohlweiss, M., Strub, P.: Modular code-based cryptographic verification. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, 17\u201321 October 2011, pp. 341\u2013350. ACM (2011)","DOI":"10.1145\/2046707.2046746"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Gancher, J., Gibson, S., Singh, P., Dharanikota, S., Parno, B.: Owl: compositional verification of security protocols via an information-flow type system. In: 2023 IEEE Symposium on Security and Privacy (SP), pp. 1130\u20131147. IEEE Computer Society (2023). https:\/\/doi.ieeecomputersociety.org\/10.1109\/SP46215.2023.10179477","DOI":"10.1109\/SP46215.2023.10179477"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Gondron, S., M\u00f6dersheim, S.: Vertical composition and sound payload abstraction for stateful protocols. In: 34th IEEE Computer Security Foundations Symposium, CSF 2021, Dubrovnik, Croatia, 21\u201325 June 2021, pp. 1\u201316. IEEE (2021)","DOI":"10.1109\/CSF51468.2021.00038"},{"key":"1_CR26","doi-asserted-by":"crossref","unstructured":"Gro\u00df, T., M\u00f6dersheim, S.: Vertical protocol composition. In: Proceedings of the 24th IEEE Computer Security Foundations Symposium, CSF 2011, Cernay-la-Ville, France, 27\u201329 June 2011, pp. 235\u2013250. IEEE Computer Society (2011)","DOI":"10.1109\/CSF.2011.23"},{"issue":"3","key":"1_CR27","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3577020","volume":"26","author":"AV Hess","year":"2023","unstructured":"Hess, A.V., M\u00f6dersheim, S.A., Brucker, A.D.: Stateful protocol composition in Isabelle\/HOL. ACM Trans. Priv. Secur. 26(3), 1\u201336 (2023)","journal-title":"ACM Trans. Priv. Secur."},{"key":"1_CR28","doi-asserted-by":"crossref","unstructured":"Ho, S., Protzenko, J., Bichhawat, A., Bhargavan, K.: Noise*: a library of verified high-performance secure channel protocol implementations. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, 22\u201326 May 2022, pp. 107\u2013124. IEEE (2022)","DOI":"10.1109\/SP46214.2022.9833621"},{"key":"1_CR29","doi-asserted-by":"publisher","unstructured":"K\u00fcsters, R., Tuengerthal, M.: Composition theorems without pre-established session identifiers. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS 2011), pp. 41\u201350. ACM Press (2011). https:\/\/doi.org\/10.1145\/2046707.2046715","DOI":"10.1145\/2046707.2046715"},{"issue":"4","key":"1_CR30","doi-asserted-by":"publisher","first-page":"1461","DOI":"10.1007\/s00145-020-09352-1","volume":"33","author":"R K\u00fcsters","year":"2020","unstructured":"K\u00fcsters, R., Tuengerthal, M., Rausch, D.: The IITM model: a simple and expressive model for universal composability. J. Cryptol. 33(4), 1461\u20131584 (2020). https:\/\/doi.org\/10.1007\/s00145-020-09352-1","journal-title":"J. Cryptol."},{"key":"1_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"696","DOI":"10.1007\/978-3-642-39799-8_48","volume-title":"Computer Aided Verification","author":"S Meier","year":"2013","unstructured":"Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696\u2013701. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-39799-8_48"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"M\u00f6dersheim, S., Vigan\u00f2, L.: Sufficient conditions for vertical composition of security protocols. In: Moriai, S., Jaeger, T., Sakurai, K. (eds.) 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2014, Kyoto, Japan, 03\u201306 June 2014, pp. 435\u2013446. ACM (2014)","DOI":"10.1145\/2590296.2590330"},{"key":"1_CR33","doi-asserted-by":"crossref","unstructured":"Reschke, J.: The \u2018basic\u2019 HTTP authentication scheme. RFC 7617 (2015). https:\/\/www.rfc-editor.org\/info\/rfc7617","DOI":"10.17487\/RFC7617"},{"key":"1_CR34","doi-asserted-by":"crossref","unstructured":"Rescorla, E.: The transport layer security (TLS) protocol version 1.3. RFC 8446 (2018). https:\/\/www.rfc-editor.org\/info\/rfc8446","DOI":"10.17487\/RFC8446"},{"key":"1_CR35","doi-asserted-by":"crossref","unstructured":"Rescorla, E., Dierks, T.: The transport layer security (TLS) protocol version 1.2. RFC 5246 (2008). https:\/\/www.rfc-editor.org\/info\/rfc5246","DOI":"10.17487\/rfc5246"},{"key":"1_CR36","doi-asserted-by":"crossref","unstructured":"Swamy, N., et al.: Dependent types and multi-monadic effects in $$\\text{F}^\\star $$. In: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2016, St. Petersburg, FL, USA, 20\u201322 January 2016, pp. 256\u2013270 (2016)","DOI":"10.1145\/2837614.2837655"},{"key":"1_CR37","unstructured":"Wallez, T., Protzenko, J., Beurdouche, B., Bhargavan, K.: $$\\{$$TreeSync$$\\}$$: authenticated group management for messaging layer security. In: 32nd USENIX Security Symposium (USENIX Security 23), pp. 1217\u20131233 (2023)"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-51479-1_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,11]],"date-time":"2024-01-11T07:02:53Z","timestamp":1704956573000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-51479-1_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031514784","9783031514791"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-51479-1_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"12 January 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Hague","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Netherlands","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 September 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2023.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"478","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"93","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}