{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,20]],"date-time":"2025-04-20T04:42:57Z","timestamp":1745124177997,"version":"3.30.1"},"reference-count":38,"publisher":"Elsevier BV","issue":"2","license":[{"start":{"date-parts":[[2002,6,1]],"date-time":"2002-06-01T00:00:00Z","timestamp":1022889600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2013,7,17]],"date-time":"2013-07-17T00:00:00Z","timestamp":1374019200000},"content-version":"vor","delay-in-days":4064,"URL":"https:\/\/www.elsevier.com\/open-access\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Theoretical Computer Science"],"published-print":{"date-parts":[[2002,6]]},"DOI":"10.1016\/s0304-3975(01)00141-4","type":"journal-article","created":{"date-parts":[[2002,10,11]],"date-time":"2002-10-11T11:37:18Z","timestamp":1034336238000},"page":"419-450","source":"Crossref","is-referenced-by-count":56,"title":["Finite-state analysis of two contract signing protocols"],"prefix":"10.1016","volume":"283","author":[{"given":"Vitaly","family":"Shmatikov","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"John C.","family":"Mitchell","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/S0304-3975(01)00141-4_BIB1","doi-asserted-by":"crossref","unstructured":"N. Asokan, V. Shoup, M. Waidner, Asynchronous protocols for optimistic fair exchange, Tech. Report RZ2976, IBM Research Report, November 1997.","DOI":"10.1145\/266420.266426"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB2","doi-asserted-by":"crossref","unstructured":"N. Asokan, V. Shoup, M. Waidner, Asynchronous protocols for optimistic fair exchange, in: Proc. IEEE Symp. on Research in Security and Privacy, 1998, pp. 86\u201399.","DOI":"10.1109\/SECPRI.1998.674826"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB3","unstructured":"A. Bahreman, J.D. Tygar, Certified electronic mail, in: Proc. Internet Society Symp. on Network and Distributed Systems Security, 1994, pp. 3\u201319."},{"key":"10.1016\/S0304-3975(01)00141-4_BIB4","doi-asserted-by":"crossref","unstructured":"Feng Bao, R.H. Deng, Wenbo Mao, Efficient and practical fair exchange protocols with off-line TTP, in: Proc. IEEE Symp. on Research in Security and Privacy, 1998, pp. 77\u201385.","DOI":"10.1109\/SECPRI.1998.674825"},{"issue":"1","key":"10.1016\/S0304-3975(01)00141-4_BIB5","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/18.50372","article-title":"A fair protocol for signing contracts","volume":"36","author":"Ben-Or","year":"1990","journal-title":"IEEE Trans. Inform. Theory"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB6","doi-asserted-by":"crossref","unstructured":"D. Bolignano, Towards a mechanization of cryptographic protocol verification, in: Proc. 9th Internat. Conf. on Computer Aided Verification, 1997, pp. 131\u2013142.","DOI":"10.1007\/3-540-63166-6_15"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB7","doi-asserted-by":"crossref","unstructured":"I. Cervesato, N.A. Durgin, P.D. Lincoln, J.C. Mitchell, A. Scedrov, A meta-notation for protocol analysis, in: Proc. 12th IEEE Computer Security Foundations Workshop, 1999, pp. 55\u201369.","DOI":"10.1109\/CSFW.1999.779762"},{"issue":"10","key":"10.1016\/S0304-3975(01)00141-4_BIB8","doi-asserted-by":"crossref","first-page":"1030","DOI":"10.1145\/4372.4373","article-title":"Security without identification: transaction systems to make big brother obsolete","volume":"28","author":"Chaum","year":"1985","journal-title":"Comm. ACM"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB9","doi-asserted-by":"crossref","unstructured":"D. Chaum, A. Fiat, M. Naor, Untraceable electronic cash, in: Proc. Advances in Cryptology \u2013 Crypto \u201988, 1988, pp. 319\u2013327.","DOI":"10.1007\/0-387-34799-2_25"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB10","unstructured":"B. Cox, J.D. Tygar, M. Sirbu, NetBill security and transaction protocol, in: Proc. 1st USENIX Workshop on Electronic Commerce, 1995, pp. 77\u201388."},{"issue":"4","key":"10.1016\/S0304-3975(01)00141-4_BIB11","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1007\/BF00191356","article-title":"Practical and provably secure release of a secret and exchange of signatures","volume":"8","author":"Damgard","year":"1995","journal-title":"J. Cryptol."},{"issue":"3","key":"10.1016\/S0304-3975(01)00141-4_BIB12","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1007\/BF02139147","article-title":"Practical protocols for certified electronic mail","volume":"4","author":"Deng","year":"1996","journal-title":"J. Network Systems Management"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB13","doi-asserted-by":"crossref","unstructured":"D. Dill, The Mur\u03d5 verification system, in: Proc. 8th Internat. Conf. on Computer Aided Verification, 1996, pp. 390\u2013393.","DOI":"10.1007\/3-540-61474-5_86"},{"issue":"2","key":"10.1016\/S0304-3975(01)00141-4_BIB14","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inform. Theory"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB15","unstructured":"N.A. Durgin, J.C. Mitchell, Analysis of security protocols, in: M. Broy, R. Steinbruggen (Eds.), Calculational System Design, IOS Press, 1999, pp. 369\u2013395."},{"key":"10.1016\/S0304-3975(01)00141-4_BIB16","doi-asserted-by":"crossref","unstructured":"M. Franklin, M. Reiter, Fair exchange with a semi-trusted third party, in: Proc. 4th ACM Conf. on Computer and Communications Security, 1997, pp. 1\u20136.","DOI":"10.1145\/266420.266424"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB17","doi-asserted-by":"crossref","unstructured":"J.A. Garay, M. Jakobsson, P. MacKenzie, Abuse-free optimistic contract signing, in: Proc. Advances in Cryptology\u2014Crypto \u201999, 1999, pp. 449\u2013466.","DOI":"10.1007\/3-540-48405-1_29"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB18","unstructured":"N. Heintze, J.D. Tygar, J.M. Wing, H.-C. Wong, Model checking electronic commerce protocols, in: Proc. USENIX Workshop on Electronic Commerce, 1996, pp. 147\u2013164."},{"year":"1985","series-title":"Communicating Sequential Processes","author":"Hoare","key":"10.1016\/S0304-3975(01)00141-4_BIB19"},{"issue":"2","key":"10.1016\/S0304-3975(01)00141-4_BIB20","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1007\/BF00197942","article-title":"Three systems for cryptographic protocol analysis","volume":"7","author":"Kemmerer","year":"1994","journal-title":"J. Cryptol."},{"key":"10.1016\/S0304-3975(01)00141-4_BIB21","doi-asserted-by":"crossref","unstructured":"G. Lowe, Breaking and fixing the Needham\u2013Schroeder public-key protocol using CSP and FDR, in: Proc. 2nd Internat. Workshop on Tools and Algorithms for the Construction and Analysis of Systems, 1996, pp. 147\u2013166.","DOI":"10.1007\/3-540-61042-1_43"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB22","doi-asserted-by":"crossref","unstructured":"P. MacKenzie, E-mail communication, September 23, 1999.","DOI":"10.1111\/j.1467-842X.1999.tb01237.x"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB23","doi-asserted-by":"crossref","unstructured":"W. Marrero, E.M. Clarke, S. Jha, Model checking for security protocols, Tech. Report CMU-SCS-97-139, Carnegie Mellon University, May 1997.","DOI":"10.21236\/ADA327281"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB24","doi-asserted-by":"crossref","unstructured":"C. Meadows, Analyzing the Needham\u2013Schroeder public-key protocol: a comparison of two approaches, in: Proc. European Symp. on Research in Computer Security, 1996, pp. 365\u2013384.","DOI":"10.1007\/3-540-61770-1_46"},{"issue":"2","key":"10.1016\/S0304-3975(01)00141-4_BIB25","doi-asserted-by":"crossref","first-page":"113","DOI":"10.1016\/0743-1066(95)00095-X","article-title":"The NRL protocol analyzer: an overview","volume":"26","author":"Meadows","year":"1996","journal-title":"J. Logic Programming"},{"year":"1995","series-title":"Communication and Concurrency","author":"Milner","key":"10.1016\/S0304-3975(01)00141-4_BIB26"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB27","unstructured":"J.C. Mitchell, M. Mitchell, U. Stern, Automated analysis of cryptographic protocols using Mur\u03d5, in: Proc. IEEE Symp. on Research in Security and Privacy, 1997, pp. 141\u2013151."},{"key":"10.1016\/S0304-3975(01)00141-4_BIB28","unstructured":"J.C. Mitchell, V. Shmatikov, U. Stern, Finite-state analysis of SSL 3.0, in: Proc. 7th USENIX Security Symp., 1998, pp. 201\u2013215."},{"key":"10.1016\/S0304-3975(01)00141-4_BIB29","unstructured":"http:\/\/verify.stanford.edu\/dill\/murphi.html."},{"key":"10.1016\/S0304-3975(01)00141-4_BIB30","doi-asserted-by":"crossref","first-page":"85","DOI":"10.3233\/JCS-1998-61-205","article-title":"The inductive approach to verifying cryptographic protocols","volume":"6","author":"Paulson","year":"1998","journal-title":"J. Computer Security"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB31","doi-asserted-by":"crossref","unstructured":"A.W. Roscoe, Modelling and verifying key-exchange protocols using CSP and FDR, in: Proc. 8th IEEE Computer Security Foundations Workshop, 1995, pp. 98\u2013107.","DOI":"10.1109\/CSFW.1995.518556"},{"year":"1997","series-title":"The Theory and Practice of Concurrency","author":"Roscoe","key":"10.1016\/S0304-3975(01)00141-4_BIB32"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB33","doi-asserted-by":"crossref","unstructured":"S. Schneider, Security properties and CSP, in: Proc. IEEE Symp. on Research in Security and Privacy, 1996, pp. 174\u2013187.","DOI":"10.1109\/SECPRI.1996.502680"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB34","doi-asserted-by":"crossref","unstructured":"S. Schneider, Formal analysis of a non-repudiation protocol, in: Proc. 11th IEEE Computer Security Foundations Workshop, 1998, pp. 64\u201355.","DOI":"10.1109\/CSFW.1998.683155"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB35","unstructured":"V. Shmatikov, J.C. Mitchell, Analysis of a fair exchange protocol, in: Proc. Internet Society Symp. on Network and Distributed Systems Security, 2000, pp. 119\u2013128."},{"key":"10.1016\/S0304-3975(01)00141-4_BIB36","doi-asserted-by":"crossref","unstructured":"V. Shmatikov, J.C. Mitchell, Analysis of abuse-free contract signing, in: Proc. 4th Annual Conf. on Financial Cryptography, 2000.","DOI":"10.1007\/3-540-45472-1_13"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB37","doi-asserted-by":"crossref","unstructured":"V. Shmatikov, U. Stern, Efficient finite-state analysis for large security protocols, in: Proc. 11th IEEE Computer Security Foundations Workshop, 1998, pp. 106\u2013115.","DOI":"10.1109\/CSFW.1998.683160"},{"key":"10.1016\/S0304-3975(01)00141-4_BIB38","unstructured":"J. Zhou, D. Gollmann, A fair non-repudiation protocol, in: Proc. IEEE Symp. on Research in Security and Privacy, 1996, pp. 55\u201361."}],"container-title":["Theoretical Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0304397501001414?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0304397501001414?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T02:15:29Z","timestamp":1733710529000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0304397501001414"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2002,6]]},"references-count":38,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2002,6]]}},"alternative-id":["S0304397501001414"],"URL":"https:\/\/doi.org\/10.1016\/s0304-3975(01)00141-4","relation":{},"ISSN":["0304-3975"],"issn-type":[{"type":"print","value":"0304-3975"}],"subject":[],"published":{"date-parts":[[2002,6]]}}}