References of "Horne, Ross James 50032150"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailUnlinkability of an Improved Key Agreement Protocol for EMV 2nd Gen Payments
Horne, Ross James UL; Mauw, Sjouke UL; Yurkov, Semen UL

Scientific Conference (2022, August 10)

To address known privacy problems with the EMV standard, EMVCo have proposed a Blinded Diffie-Hellman key establishment protocol, which is intended to be part of a future 2nd Gen EMV protocol. We point ... [more ▼]

To address known privacy problems with the EMV standard, EMVCo have proposed a Blinded Diffie-Hellman key establishment protocol, which is intended to be part of a future 2nd Gen EMV protocol. We point out that active attackers were not previously accounted for in the privacy requirements of this proposal protocol, and demonstrate that an active attacker can compromise unlinkability within a distance of 100cm. Here, we adopt a strong definition of unlinkability that does account for active attackers and propose an enhancement of the protocol proposed by EMVCo. We prove that our protocol does satisfy strong unlinkability, while preserving authentication. [less ▲]

Detailed reference viewed: 46 (1 UL)
Full Text
Peer Reviewed
See detailCloud removal from satellite imagery using multispectral edge-filtered conditional generative adversarial networks
Hasan, Cengis; Horne, Ross James UL; Mauw, Sjouke UL et al

in International Journal of Remote Sensing (2022), 43(5), 1881-1893

Detailed reference viewed: 42 (1 UL)
Full Text
Peer Reviewed
See detailA Graphical Proof Theory of Logical Time
Acclavio, Matteo UL; Horne, Ross James UL; Mauw, Sjouke UL et al

in Felty, Amy P. (Ed.) Proc. 7th International Conference on Formal Structures for Computation and Deduction (FSCD 2022) (2022)

Logical time is a partial order over events in distributed systems, constraining which events precede others. Special interest has been given to series-parallel orders since they correspond to formulas ... [more ▼]

Logical time is a partial order over events in distributed systems, constraining which events precede others. Special interest has been given to series-parallel orders since they correspond to formulas constructed via the two operations for "series" and "parallel" composition. For this reason, series-parallel orders have received attention from proof theory, leading to pomset logic, the logic BV, and their extensions. However, logical time does not always form a series-parallel order; indeed, ubiquitous structures in distributed systems are beyond current proof theoretic methods. In this paper, we explore how this restriction can be lifted. We design new logics that work directly on graphs instead of formulas, we develop their proof theory, and we show that our logics are conservative extensions of the logic BV. [less ▲]

Detailed reference viewed: 29 (0 UL)
Full Text
Peer Reviewed
See detailIs Eve nearby? Analysing protocols under the distant-attacker assumption
Gil Pons, Reynaldo UL; Horne, Ross James UL; Mauw, Sjouke UL et al

in IEEE Computer Security Foundations Symposium, August 7 - 10, 2022, Haifa, Israel (2022)

Detailed reference viewed: 68 (13 UL)
Full Text
Peer Reviewed
See detailA Characterisation of Open Bisimilarity using an Intuitionistic Modal Logic
Ahn, Ki Yung; Horne, Ross James UL; Tiu, Alwen

in Logical Methods in Computer Science (2021), 17(3), 21240

Detailed reference viewed: 32 (0 UL)
Full Text
Peer Reviewed
See detailCompositional Analysis of Protocol Equivalence in the Applied pi-Calculus Using Quasi-open Bisimilarity
Horne, Ross James UL; Mauw, Sjouke UL; Yurkov, Semen UL et al

in Theoretical Aspects of Computing -- ICTAC 2021 (2021)

This paper shows that quasi-open bisimilarity is the coarsest bisimilarity congruence for the applied pi-calculus. Furthermore, we show that this equivalence is suited to security and privacy problems ... [more ▼]

This paper shows that quasi-open bisimilarity is the coarsest bisimilarity congruence for the applied pi-calculus. Furthermore, we show that this equivalence is suited to security and privacy problems expressed as an equivalence problem in the following senses: (1) being a bisimilarity is a safe choice since it does not miss attacks based on rich strategies; (2) being a congruence it enables a compositional approach to proving certain equivalence problems such as unlinkability; and (3) being the coarsest such bisimilarity congruence it can establish proofs of some privacy properties where finer equivalences fail to do so. [less ▲]

Detailed reference viewed: 32 (3 UL)
Full Text
Peer Reviewed
See detailDiscovering ePassport Vulnerabilities using Bisimilarity
Horne, Ross James UL; Mauw, Sjouke UL

in Logical Methods in Computer Science (2021), 17(2), 241--2452

Detailed reference viewed: 22 (1 UL)
Full Text
Peer Reviewed
See detailAssuming Just Enough Fairness to make Session Types Complete for Lock-freedom
van Glabeek, Robert J.; Höfner, Peter; Horne, Ross James UL

in 36th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS '21) (2021)

Detailed reference viewed: 30 (0 UL)
Full Text
Peer Reviewed
See detailLogic Beyond Formulas: A Graphical Proof System
Horne, Ross James UL; Acclavio, Matteo UL; Straßburger, Lutz

in LICS '20: Proceedings of the 35th Annual ACM/IEEE Symposium on Logic in Computer Science (2020)

Detailed reference viewed: 164 (5 UL)
Full Text
Peer Reviewed
See detailAttack-Defence Frameworks: Argumentation-Based Semantics for Attack-Defence Trees.
Gabbay, Dov M. UL; Horne, Ross James UL; Mauw, Sjouke UL et al

in Graphical Models for Security - 7th International Workshop (2020)

Detailed reference viewed: 57 (11 UL)
Full Text
Peer Reviewed
See detailSession Subtyping and Multiparty Compatibility Using Circular Sequents
Horne, Ross James UL

in In 31st International Conference on Concurrency Theory (CONCUR 2020). (2020)

Detailed reference viewed: 53 (3 UL)
Full Text
Peer Reviewed
See detailBreaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity
Horne, Ross James UL; Mauw, Sjouke UL; Smith, Zachary Daniel UL et al

in Breaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity (2019, September 23)

We clear up confusion surrounding privacy claims about the ICAO 9303 standard for e-passports. The ICAO 9303 standard includes a Basic Access Control (BAC) protocol that should protect the user from being ... [more ▼]

We clear up confusion surrounding privacy claims about the ICAO 9303 standard for e-passports. The ICAO 9303 standard includes a Basic Access Control (BAC) protocol that should protect the user from being traced from one session to another. While it is well known that there are attacks on BAC, allowing an attacker to link multiple uses of the same passport, due to differences in implementation; there still remains confusion about whether there is an attack on unlinkability directly on the BAC protocol as specified in the ICAO 9303 standard. This paper clarifies the nature of the debate, and sources of potential confusion. We demonstrate that the original privacy claims made are flawed, by uncovering attacks on a strong formulation of unlinkability. We explain why the use of the bisimilarity equivalence technique is essential for uncovering our attacks. We also clarify what assumptions lead to proofs of formulations of unlinkability using weaker notions of equivalence. Furthermore, we propose a fix for BAC within the scope of the standard, and prove that it is correct, again using a state-of-the-art approach to bisimilarity. [less ▲]

Detailed reference viewed: 83 (3 UL)
Full Text
Peer Reviewed
See detailDe Morgan Dual Nominal Quantifiers Modelling Private Names in Non-Commutative Logic
Horne, Ross James UL; Tiu, Alwen; Aman, Bogdan et al

in ACM Transactions on Computational Logic (2019), 20(4), 221--2244

Detailed reference viewed: 60 (2 UL)
Full Text
Peer Reviewed
See detailGlobal Types with Internal Delegation
Castellani, Ilaria; Dezani-Ciancaglini, Mariangiola; Giannini, Paola et al

in Theoretical Computer Science (2019)

This paper investigates a new form of delegation for multiparty session calculi. Usually, delegation allows a session participant to appoint a participant in another session to act on her behalf. This ... [more ▼]

This paper investigates a new form of delegation for multiparty session calculi. Usually, delegation allows a session participant to appoint a participant in another session to act on her behalf. This means that delegation is inherently an inter-session mechanism, which requires session interleaving. Hence delegation falls outside the descriptive power of global types, which specify single sessions. As a consequence, properties such as deadlock-freedom or lock-freedom are difficult to ensure in the presence of delegation. Here we adopt a different view of delegation, by allowing participants to delegate tasks to each other within the same multiparty session. This way, delegation occurs within a single session (internal delegation) and may be captured by its global type. To increase flexibility in the use of delegation, our calculus uses connecting communications, which allow optional participants in the branches of choices. By these means, we are able to express conditional delegation. We present a session type system based on global types with internal delegation, and show that it ensures the usual safety properties of multiparty sessions, together with a progress property. [less ▲]

Detailed reference viewed: 33 (1 UL)
Full Text
Peer Reviewed
See detailConstructing weak simulations from linear implications for processes with private names
Horne, Ross James UL; Tiu, Alwen

in Mathematical Structures in Computer Science (2019)

Detailed reference viewed: 104 (0 UL)
Full Text
Peer Reviewed
See detailThe Sub-Additives: A Proof Theory for Probabilistic Choice extending Linear Logic
Horne, Ross James UL

in 4th International Conference on Formal Structures for Computation and Deduction (FSCD 2019). (2019)

Detailed reference viewed: 34 (0 UL)
Full Text
Peer Reviewed
See detailGraphical Models for Security - 6th International Workshop, Revised Papers
Albanese, Massimiliano; Horne, Ross James UL; Probst, Christian W.

Scientific Conference (2019)

Detailed reference viewed: 52 (0 UL)
Full Text
Peer Reviewed
See detailThe Attacker Does not Always Hold the Initiative: Attack Trees with External Refinement
Horne, Ross James UL; Mauw, Sjouke UL; Tiu, Alwen

in Proc.\ 5th International Workshop on Graphical Models for Security (GraMSec'18) (2018)

Detailed reference viewed: 118 (10 UL)
Full Text
Peer Reviewed
See detailQuasi-Open Bisimilarity with Mismatch is Intuitionistic
Horne, Ross James UL; Ahn, Ki Yung; Lin, Shang-wei et al

in Proceedings of LICS '18: 33rd Annual ACM/IEEE Symposium on Logic in Computer Science, Oxford, United Kingdom, July 9-12, 2018 (LICS '18) (2018)

Quasi-open bisimilarity is the coarsest notion of bisimilarity for the π-calculus that is also a congruence. This work extends quasi-open bisimilarity to handle mismatch (guards with inequalities). This ... [more ▼]

Quasi-open bisimilarity is the coarsest notion of bisimilarity for the π-calculus that is also a congruence. This work extends quasi-open bisimilarity to handle mismatch (guards with inequalities). This minimal extension of quasi-open bisimilarity allows fresh names to be manufactured to provide constructive evidence that an inequality holds. The extension of quasi-open bisimilarity is canonical and robust --- coinciding with open barbed bisimilarity (an objective notion of bisimilarity congruence) and characterised by an intuitionistic variant of an established modal logic. The more famous open bisimilarity is also considered, for which the coarsest extension for handling mismatch is identified. Applications to checking privacy properties are highlighted. Examples and soundness results are mechanised using the proof assistant Abella. [less ▲]

Detailed reference viewed: 115 (8 UL)
Full Text
Peer Reviewed
See detailSemantics for specialising attack trees based on linear logic
Horne, Ross James UL; Mauw, Sjouke UL; Tiu, Alwen

in Fundamenta Informaticae (2017), 153(1-2), 57-86

Attack trees profile the sub-goals of the proponent of an attack. Attack trees have a variety of semantics depending on the kind of question posed about the attack, where questions are captured by an ... [more ▼]

Attack trees profile the sub-goals of the proponent of an attack. Attack trees have a variety of semantics depending on the kind of question posed about the attack, where questions are captured by an attribute domain. We observe that one of the most general semantics for attack trees, the multiset semantics, coincides with a semantics expressed using linear logic propositions. The semantics can be used to compare attack trees to determine whether one attack tree is a specialisation of another attack tree. Building on these observations, we propose two new semantics for an extension of attack trees named causal attack trees. Such attack trees are extended with an operator capturing the causal order of sub-goals in an attack. These two semantics extend the multiset semantics to sets of series-parallel graphs closed under certain graph homomorphisms, where each semantics respects a class of attribute domains. We define a sound logical system with respect to each of these semantics, by using a recently introduced extension of linear logic, called MAV , featuring a non-commutative operator. The non-commutative operator models causal dependencies in causal attack trees. Similarly to linear logic for attack trees, implication defines a decidable preorder for specialising causal attack trees that soundly respects a class of attribute domains. [less ▲]

Detailed reference viewed: 258 (4 UL)