---------- Forwarded message ---------- Date: Sat, 3 Nov 2001 18:15:47 +1300 (NZDT) From: Peter Gutmann <pgut001@cs.auckland.ac.nz> To: bmukherj@styx.uwaterloo.ca, cryptography@wasabisystems.com, rick_smith@securecomputing.com Subject: Re: Proving security protocols Rick Smith at Secure Computing <rick_smith@securecomputing.com> writes:
At 09:00 AM 11/1/2001, Roop Mukherjee wrote:
Can someone offer some criticism of the practice formal verification in general ? Okay, I'll grab this hot potato.
I may as well speak up as well then... I spent most of a chapter of my thesis looking at formal security verification in fairly exhaustive detail (if I missed anything I'm sure I'll hear about it soon :-). You can get it as http://www.cryptoapps.com/~peter/04_verif_techniques.pdf. The conclusion is that there are more effective ways to spend your time and money, but for the full story I'd recommend you read the above document. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com