Security Protocols and Threat Models: Security and Privacy via The Applied π-Calculus

GIL PONS, Reynaldo; Horne, Ross; MAUW, Sjouke; STUTZ, Felix; YURKOV, Semen

doi:10.1007/978-3-032-08249-7

No full text

Book published as author, translator, etc. (Books)

Security Protocols and Threat Models: Security and Privacy via The Applied π-Calculus

GIL PONS, Reynaldo; Horne, Ross; MAUW, Sjouke et al.

2026 • Springer Cham

Editorial reviewed

Permalink
https://hdl.handle.net/10993/67530

DOI
10.1007/978-3-032-08249-7

Files (0)Send to Details Statistics Bibliography Similar publications

Files

Full Text

No document available.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Authentication; Bisimilarity; Modal logic; Process calculi; Proof systems; Proof system; Protocol modeling; Security and privacy; Security properties; Security protocols; Security threats; Threat modeling; Safety, Risk, Reliability and Quality; Computer Networks and Communications; Computational Theory and Mathematics

Abstract :

[en] Protocols connect the many devices used in our personal and professional lives. Hence we require assurances that they are secure in the face of threats. Security is too important to leave to intuition and experience alone. We need methodologies to precisely determine our security goals. A security property is one that holds despite the best efforts of an attacker, as captured by a threat model. When attacking a protocol, an eavesdropper may inject messages leading to sessions being hijacked and other data breaches. This textbook goes from intuition, to theory, to tools, explaining different security properties. Ubiquitous protocols keep the discussion real: ePassport protocols used at border checkpoints; the EMV protocol for contactless payments; and Open ID Connect used to sign in to websites. Even threats enabling car theft via relay attacks are taken into consideration by authenticating proximity. The book also analyses threats to privacy such as tracking, mitigated by making sessions unlinkable. Topics and features: The learning curve brings readers to the edge of the topic of security protocols. Multiple security and privacy properties and threats are expressed in a core calculus. Large real-world case studies showcase the methods in practice. The theory informs the accurate usage of tools for checking security protocols. Minimal protocols are selected to cleanly illustrate new concepts. This textbook is designed to take readers with some grounding in computer science to the edge of the field of security protocols. Additionally, it can serve as a highly useful reference for established researchers and security professionals branching out into threat modelling.

Disciplines :

Computer science

Author, co-author :

GIL PONS, Reynaldo ; University of Luxembourg > Faculty of Science, Technology and Medicine > Department of Computer Science > Team Sjouke MAUW

Horne, Ross ; Department of Computer and Information Sciences, University of Strathclyde, Glasgow, United Kingdom

MAUW, Sjouke ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

STUTZ, Felix ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

YURKOV, Semen ; University of Luxembourg > Faculty of Science, Technology and Medicine > Department of Computer Science > Team Sjouke MAUW

External co-authors :

yes

Language :

English

Title :

Security Protocols and Threat Models: Security and Privacy via The Applied π-Calculus

Publication date :

2026

Publisher :

Springer Cham

Peer reviewed :

Editorial reviewed

Additional URL :

https://link.springer.com/content/pdf/10.1007/978-3-032-08249-7.pdf

Available on ORBilu :

since 28 January 2026

Statistics

Number of views

5 (0 by Unilu)

Number of downloads

0 (0 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenCitations

OpenAlex citations

Bibliography

EMV Integrated Circuit Card Specifications for Payment Systems. Book 1: Application Independent ICC to Terminal Interface Requirements. Tech. rep., EMVCo LLC (2011). URL https://www.emvco.com/document-search/. Accessed: 26-08-2021
EMV Integrated Circuit Card Specifications for Payment Systems. Book 2: Security and Key Management. Tech. rep., EMVCo LLC (2011). URL https://www.emvco.com/document-search/. Accessed: 26-08-2021
EMV Integrated Circuit Card Specifications for Payment Systems. Book 3: Application Specification. Tech. rep., EMVCo LLC (2011). URL https://www.emvco.com/document-search/. Accessed: 26-08-2021
EMV Integrated Circuit Card Specifications for Payment Systems. Book 4: Cardholder, Attendant, and Acquirer Interface Requirements. Tech. rep., EMVCo LLC (2011). URL https://www.emvco.com/document-search/. Accessed: 26-08-2021
EMV ECC key establishment protocols. RFC until 28th January 2013, EMVCo LLC (2012). URL http://www.emvco.com/specifications.aspx?id=243. Accessed: 01-04-2020
Common criteria for information technology Security evaluation. Part 2: Security functional components. Tech. rep. (2017). Version 3.1, Revision 5, CCMB-2017-04-002
Transaction Processing Rules. Tech. rep., Mastercard (2024). URL https://www.mastercard.us/content/dam/public/mastercardcom/na/global-site/documents/transaction-processing-rules.pdf. Accessed: 12-12-2024
Abadi, M., Blanchet, B., Fournet, C.: The applied pi calculus: Mobile values, new names, and secure communication. J. ACM 65(1), 1:1-1:41 (2018)
Abadi, M., Rogaway, P.: Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology 15(2), 103-127 (2002)
Ahn, K.Y., Horne, R., Tiu, A.: A characterisation of open bisimilarity using an intuitionistic modal logic. Log. Methods Comput. Sci. 17(3) (2021)
Ali, M.A.: Does the online card payment system unwittingly facilitate fraud? Ph.D. thesis, Newcastle University (2018)
Anderson, R.: Security Engineering: a Guide to Building Dependable Distributed Systems -Third Edition. Wiley (2020)
Arapinis, M., Chothia, T., Ritter, E., Ryan, M.: Analysing unlinkability and anonymity using the applied pi calculus. In: 23rd IEEE Computer Security Foundations Symposium, pp. 107-121 (2010)
Asokan, N., Shoup, V., Waidner, M.: Asynchronous protocols for optimistic fair exchange. In: Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No. 98CB36186), pp. 86-99. IEEE (1998)
Aubert, C., Horne, R., Johansen, C.: Diamonds for security: A non-interleaving operational semantics for the applied pi-calculus. In: Proc. 33rd Int. Conf. On Concurrency Theory (CONCUR’22), LIPIcs, vol. 243, pp. 30:1-30:26. Schloss Dagstuhl -Leibniz-Zentrum fur Informatik (2022)
Avoine, G., Bingol, M.A., Boureanu, I., Capkun, S., Hancke, G., Karda§, S., Kim, C.H., Lauradoux, C., Martin, B., Munilla, J., et al.: Security of distance-bounding: A survey. ACM Computing Surveys (CSUR) 51(5), 94:1-33 (2018). DOI 10.1145/3264628
Avoine, G., Bultel, X., Gambs, S., Gerault, D., Lafourcade, P., Onete, C., Robert, J.M.: A terrorist-fraud resistant and extractor-free anonymous distance-bounding protocol. In: Proc. 2017 ACM Asia Conference on Computer and Communications Security (ASIACCS’17), pp. 800-814. ACM, New York, USA (2017)
Baader, F., Nipkow, T.: Term rewriting and all that. Cambridge University Press, USA (1998)
Backus, J.W.: The syntax and semantics of the proposed international algebraic language of the Zurich ACM-GAMM conference. Proc. Int. Conf. On Information Processing (1959)
Barreto, P.S., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Proc. Int. workshop on selected areas in cryptography, pp. 319-331. Springer (2005)
Basin, D., Cremers, C.: Modeling and analyzing security in the presence of compromising adversaries. In: Proc. 15th European Symposium On Research In Computer Security (ES0RICS’10), LNCS, vol. 6345, pp. 340-356. Springer (2010)
Basin, D., Cremers, C., Dreier, J., Sasse, R.: Modeling and Analyzing Security Protocols with Tamarin: A Comprehensive Guide. Information Security and Cryptography. Springer (2025)
Basin, D., Dreier, J., Hirschi, L., Radomirovic, S., Sasse, R., Stettler, V.: A formal analysis of 5G authentication. In: Proc. 25th ACM Conf. On Computer and Communications Security (CCS’18), pp. 1383-1396. ACM (2018)
Basin, D., Sasse, R., Toro-Pozo, J.: Card brand mixup attack: Bypassing the PIN in non-Visa cards by using them for Visa transactions. In: Proc. 30th USENIX Security Symposium (USENIX Security’21), pp. 179-194. USENIX Association (2021)
Basin, D., Sasse, R., Toro-Pozo, J.: The EMV standard: Break, fix, verify. In: Proc. IEEE Symp. On Security and Privacy (S&P’21), pp. 1766-1781. IEEE (2021)
Bender, J., Fischlin, M., Kugler, D.: Security analysis of the PACE key-agreement protocol. In: Proc. 12th Int. Conf. On Information Security (ISC’09), LNCS, vol. 5735, pp. 33-48. Springer (2009)
Bisht, R.K., Dhami, H.S.: Discrete Mathematics. Oxford University Press (2015)
Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Foundations and Trends in Privacy and Security 1(1-2), 1-135 (2016)
Blanchet, B., Cheval, V., Cortier, V.: ProVerif with lemmas, induction, fast subsumption, and much more. In: 2022 IEEE Symp. On Security and Privacy (SP), pp. 69-86. IEEE (2022)
Blanchet, B., Podelski, A.: Verification of cryptographic protocols: Tagging enforces termination. In: Proc. 6th Int. Conf. On Foundations of Software Science and Computation Structures (FoSSaCS’03), LNCS, vol. 2620, pp. 136-152. Springer (2003)
Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 2.05: Automatic cryptographic protocol verifier, user manual and tutorial (2023). URL https://bblanche.gitlabpages.inria.fr/proverif/manual.pdf. Accessed: 19-02-2025
Bond, M., Choudary, M.O., Murdoch, S.J., Skorobogatov, S.P., Anderson, R.J.: Be prepared: The EMV preplay attack. IEEE Secur. Priv. 13(2), 56-64 (2015)
Bond, M., Choudary, O., Murdoch, S.J., Skorobogatov, S., Anderson, R.: Chip and skim: Cloning EMV cards with the pre-play attack. In: Proc. IEEE Symp. On Security and Privacy (S&P’14), pp. 49-64. IEEE (2014)
Boreale, M., Buscemi, M.G.: A method for symbolic analysis of security protocols. Theor. Comput. Sci. 338(1-3), 393-425 (2005)
Boureanu, I., Chothia, T., Debant, A., Delaune, S.: Security analysis and implementation of relay-resistant contactless payments. In: Proc. ACM Conf. On Computer and Communications Security (CCS’20), pp. 879-898. ACM (2020)
Braun, C.H., Horne, R., Kafer, T., Mauw, S.: SSI, from specifications to protocol? Formally verify security! In: Proc. ACM Web Conference 2024, (WWW’24), pp. 1620-1631. ACM (2024)
van den Breekel, J., Ortiz-Yepes, D.A., Poll, E., de Ruiter, J.: EMV in a nutshell. Tech. rep., Radboud University (2016)
Bursuc, S., Horne, R., Mauw, S., Yurkov, S.: Provably unlinkable smart card-based payments. In: Proc. 30th ACM Conference on Computer and Communications Security (CCS’23), pp. 1392-1406. ACM (2023)
Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: Proceedings 42nd IEEE Symposium on Foundations of Computer Science, pp. 136-145. IEEE (2001)
Cheval, V., Jacomme, C., Kremer, S., Kunnemann, R.: SAPIC+: Protocol verifiers of the world, unite! In: Proc. 31st USENIX Security Symposium (USENIX Security’22), pp. 3935-3952. USENIX Association (2022)
Cheval, V., Kremer, S., Rakotonirina, I.: DEEPSEC: Deciding equivalence properties in security protocols. Theory and practice. In: Proc. IEEE Symp. On Security and Privacy (S&P’18), pp. 529-546. IEEE (2018)
Chothia, T., Clee, A., Boureanu, I.,Pavlides, G.: More is less: Extrafeatures in contactless payments break security. In: Proc. 34th USENIX Security Symposium (USENIX Security’25). USENIX Association (2025). In press
Chothia, T., de Ruiter, J., Smyth, B.: Modelling and analysis of a hierarchy of distance bounding attacks. In: Proc. 27th USENIX Security Symposium (USENIX Security’18), pp. 1563-1580. USENIX Association (2018)
Coron, J., Gouget, A., Icart, T., Paillier, P.: Supplemental access control (PACE v2): Security analysis of PACE integrated mapping. In: D. Naccache (ed.) Cryptography and Security: From Theory to Applications -Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th Birthday, LNCS, vol. 6805, pp. 207-232. Springer (2012)
Cortier, V., Kremer, S.: Formal models and techniques for analyzing security protocols: A tutorial. Foundations and Trends in Programming Languages 1(3), 151-267 (2014)
Cremers, C., Mauw, S.: Operational Semantics and Verification of Security Protocols. Information Security and Cryptography. Springer (2012)
Cremers, C.J.F.: The Scyther tool: Verification, falsification, and analysis of security protocols. In: Proc. 20th Int. Conf. On Computer Aided Verification (CAV’08), LNCS, vol. 5123, pp. 414-418. Springer (2008)
Dolev, D., Yao, A.: On the security of public-key protocols. IEEE Transactions on Information Theory 29(2), 198-208 (1983)
Drimer, S., Murdoch, S.J.: Keep your enemies close: Distance bounding against smartcard relay attacks. In: Proc. 16th USENIX Security Symposium (USENIX Security’07), pp. 87-102. USENIX Association (2007)
Emms, M., Arief, B., Freitas, L., Hannon, J., van Moorsel, A.: Harvesting high value foreign currency transactions from EMV contactless credit cards without the PIN. In: Proc. 21st ACM Conf. On Computer and Communications Security (CCS’14), p. 716-726. ACM (2014)
EMVCo: Worldwide EMV Deployment Statistics (2022). URL https://www.emvco.com/about-us/worldwide-emv-deployment-statistics/. Accessed: 26-01-2023
EMVCo: EMV contactless specifications for payment systems, Book C-8, Kernel 8 specification. Tech. Rep. Version 1.1 (2023)
Engelhardt, M., Pfeiffer, F., Finkenzeller, K., Biebl, E.: Extending ISO/IEC 14443 type A eavesdropping range using higher harmonics. In: Proc. European Conf. On Smart Objects, Systems and Technologies (SmartSysTech’13), pp. 1-8. IEEE (2013)
Escobar, S., Meadows, C., Meseguer, J.: Maude-npa: Cryptographic protocol analysis modulo equational properties. In: A. Aldini, G. Barthe, R. Gorrieri (eds.) Foundations of Security Analysis and Design V: FOSAD 2007/2008/2009 Tutorial Lectures, pp. 1-50. Springer (2009)
Esposito, C., Horne, R., Robaldo, L., Buelens, B., Goesaert, E.: Assessing the Solid protocol in relation to security and privacy obligations. Information 14(7), 411 (2023)
Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. In: Proc. 6th Int. Workshop on Cryptographic Hardware and Embedded Systems (CHES’04), LNCS, vol. 3156, pp. 357-370. Springer Berlin Heidelberg (2004)
Fett, D., Campbell, B., Bradley, J., Lodderstedt, T., Jones, M., Waite, D.: OAuth 2.0 Demonstrating Proof of Possession (DPoP). Tech. Rep. RFC 9449, Internet Engineering Task Force (IETF) (2023)
Fett, D., Kusters, R., Schmitz, G.: A comprehensive formal security analysis of OAuth 2.0. In: Proc. 23rd ACM Conf. On Computer and Communications Security (CCS’16), pp. 1204-1215. ACM (2016)
Filimonov, I., Horne, R., Mauw, S., Smith, Z.: Breaking unlinkability of the ICAO 9303 standard for e-passports using bisimilarity. In: Proc. 24th European Symposium On Research In Computer Security (ESORICS’19), Part 1, LNCS, vol. 11735, pp. 577-594. Springer (2019)
Gallier, J.: Discrete Mathematics. Universitext. Springer (2011)
Gentzen, G.: Investigations into logical deductions. In: M.E. Szabo (ed.) The Collected Papers of Gerhard Gentzen, pp. 68-131. North-Holland Publishing Co., Amsterdam (1969)
Gunther, C.G.: An identity-based key-exchange protocol. In: J.J. Quisquater, J. Vandewalle (eds.) Advances in Cryptology - EUROCRYPT’89, pp. 29-37. Springer Berlin Heidelberg, Berlin, Heidelberg (1990)
Habraken, R., Dolron, P., Poll, E., de Ruiter, J.: An RFID skimming gate using higher harmonics. In: Proc. 11th Int. Workshop on Radio Frequency Identification (RFIDSec’15), pp. 122-137. Springer (2015)
Hathhorn, C., Rosu, G.: Dealing with C’s original sin. IEEE Software 36(5), 24-28 (2019)
Hennessy, M., Milner, R.: Algebraic laws for nondeterminism and concurrency. J. ACM 32(1), 137-161 (1985)
Honda, K., Yoshida, N., Carbone, M.: Multiparty asynchronous session types. In: Proc. 35th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’08), pp. 273-284. ACM (2008)
Hopcroft, J.E., Motwani, R., Ullman, J.D.: Introduction to automata theory, languages, and computation, 3rd Edition. Pearson international edition. Addison-Wesley (2007)
Horne, R., Mauw, S.: Discovering epassport vulnerabilities using bisimilarity. Log. Methods Comput. Sci. 17(2), 24 (2021)
Horne, R., Mauw, S., Yurkov, S.: Unlinkability of an improved key agreement protocol for EMV 2nd gen payments. In: S. Calzavara (ed.) 35th IEEE Computer Security Foundations Symposium, CSF 2022, Haifa, Israel, August 7-10, 2022, pp. 364-379. IEEE (2022). DOI 10.1109/CSF54842.2022.9919666
Horne, R., Mauw, S., Yurkov, S.: When privacy fails, a formula describes an attack: A complete and compositional verification method for the applied H-calculus. Theor. Comput. Sci. 959, 113842 (2023)
ICAO: Machine readable travel documents. Part 11: Security mechanisms for MRTDs. (2015). URL https://www.icao.int/publications/Documents/9303_p11_cons_en.pdf. Accessed: 21-07-2025
Igarashi, A., Pierce, B.C., Wadler, P.: Featherweight Java: a minimal core calculus for Java and GJ. ACM Transactions on Programming Languages and Systems (TOPLAS) 23(3), 396-450 (2001)
Jones, S.P.: Haskell 98 language and libraries: The revised report. Cambridge University Press (2003)
Kahn, G.: The semantics of a simple language for parallel programming. In: Proc. 6th IFIP Congress (Information Processing’74), pp. 471-475. North-Holland Publishing Co. (1974)
Katz, J., Lindell, Y.: Introduction to modern cryptography: principles and protocols. Chapman and hall/CRC (2007)
Kim, I.J., Choi, E.Y., Lee, D.H.: Secure mobile RFID system against privacy and security problems. In: Proc. 3rd Int. Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU’07), pp. 67-72. IEEE (2007)
Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., et al.: seL4: Formal verification of an OS kernel. In: Proc. 22nd ACM SIGOPS symposium on Operating systems principles (SOSP’09), pp. 207-220. ACM (2009)
Kremer, S., Markowitch, O., Zhou, J.: An intensive survey of fair non-repudiation protocols. Computer communications 25(17), 1606-1621 (2002)
Kumar, R., Myreen, M.O., Norrish, M., Owens, S.: Cake ML: a verified implementation of ML. ACM SIGPLAN Notices 49(1), 179-191 (2014)
Liu, Y., Kasper, T., Lemke-Rust, K., Paar, C.: E-passport: Cracking basic access control keys. In: Proc. On the Move to Meaningful Internet Systems 2007: CoopIS, DOA, ODBASE, GADA, and IS (OTM’07), Part II, LNCS, vol. 4804, pp. 1531-1547. Springer (2007)
Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. Softw. Concepts Tools 17(3), 93-102 (1996)
Lowe, G.: A hierarchy of authentication specifications. In: Proc. 10th Computer Security Foundations Workshop (CSFW’97), pp. 31-43. IEEE (1997)
Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proc. 23rd ACM Conf. On Computer and Communications Security (CCS’16), pp. 254-269. ACM (2016)
Mauw, S., Reniers, M.A.: Operational semantics for MSC’96. Computer Networks 31(17), 1785-1799(1999)
Mauw, S., Smith, Z., Toro-Pozo, J., Trujillo-Rasua, R.: Distance-bounding protocols: Verification without time and location. In: Proc. IEEE Symp. On Security and Privacy (S&P’18), pp. 549-566. IEEE (2018)
Meadows, C., Poovendran, R., Pavlovic, D., Chang, L., Syverson, P.: Distance bounding protocols: Authentication logic analysis and collusion attacks. In: Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks, Advances in Information Security, vol. 30, pp. 279-298. Springer US (2007)
Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Proc. 25th Int. Conf. Computer Aided Verification (CAV’13), LNCS, vol. 8044, pp. 696-701. Springer (2013)
Menezes, A., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography (1st ed.). CRC Press (1996)
Milner, R.: A theory of type polymorphism in programming. J. Comput. Syst. Sci. 17(3), 348-375 (1978)
Milner, R.: A Calculus of Communicating Systems, LNCS, vol. 92. Springer (1980)
Milner, R.: Communicating and mobile systems -the Pi-calculus. Cambridge University Press (1999)
Milner, R., Parrow, J., Walker, D.: A calculus of mobile processes, Part I and II. Information and Computation 100(1), 1-100 (1992)
Morgan, J., Coburn, A., Bosquet, M.: Solid-OIDC primer. version 0.1.0. URL https://solidproject.org/TR/oidc-primer. Accessed: 21-07-2025
Murdoch, S.J., Drimer, S., Anderson, R., Bond, M.: Chip and PIN is broken. In: Proc. IEEE Symp. On Security and Privacy (S&P’10), pp. 433-446. IEEE (2010)
Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993-999 (1978)
Pancho, S.: Paradigm shifts in protocol analysis. In: Proc. Workshop on New Security Paradigms (NSPW’99), pp. 70-79. ACM (1999)
Peltz, C.: Web services orchestration and choreography. Computer 36(10), 46-52 (2003)
Plotkin, G.D.: The origins of structural operational semantics. The Journal of Logic and Algebraic Programming 60-61, 3-15 (2004)
Radu, A.I., Chothia, T., Newton, C.J., Boureanu, I., Chen, L.: Practical EMV relay protection. In: Proc. IEEE Symp. On Security and Privacy (S&P’22), pp. 1737-1756. IEEE (2022)
Reisig, W.: Petri nets: An introduction, vol. 4. Springer Science & Business Media (2012)
Ryan, P.Y., Schneider, S., Goldsmith, M., Lowe, G., Roscoe, B.: The Modelling and Analysis of Security Protocols: The CSP Approach, first edn. Addison-Wesley Professional (2000)
Sakimura, N., Bradley, J., Agarwal, N.: Proof Key for Code Exchange by OAuth Public Clients. Tech. Rep. RFC 7636, Internet Engineering Task Force (IETF) (2015)
Sangiorgi, D., Walker, D.: The Pi-Calculus -a theory of mobile processes. Cambridge University Press (2001)
Schaller, P., Schmidt, B., Basin, D.A., Capkun, S.: Modeling and verifying physical prop-erties of security protocols for wireless networks. In: Proc. 22nd IEEE Computer Security Foundations Symposium, (CSF’09), pp. 109-123. IEEE (2009)
zu Selhausen, K.M., Fett, D.: OAuth 2.0 Authorization Server Issuer Identification. Tech. Rep. RFC 9207, Internet Engineering Task Force (IETF) (2022)
Tidy, J.: Crypto hacker offered reward after $600m heist. Cyber security reporter, BBC News (2021). URLhttps://www.bbc.com/news/business-58193396. Accessed: 13-08-2021
Tiu, A.F., Gore, R., Dawson, J.: A Proof Theoretic Analysis of Intruder Theories. Logical Methods in Computer Science 6(3) (2010)
Ungoed-Thomas, J.: Revealed: car industry was warned keyless vehicles vulnerable to theft a decade ago. The Guardian (2024). URL https://www.theguardian.com/uk-news/2024/feb/24/revealed-car-industry-was-warned-keyless-vehicles-vulnerable-to-theft-a-decade-ago. Accessed: 24-04-2024
Urban, C., Pitts, A.M., Gabbay, M.J.: Nominal unification. Theoretical Computer Science 323(1-3), 473-497 (2004)
Verheul, E.R.: Self-blindable credential certificates from the Weil pairing. In: Proc. 7th Int. Conf. On the Theory and Application of Cryptology and Information Security (ASI-ACRYPT’01), LNCS, vol. 2248, pp. 533-551. Springer (2001)