I am a lecturer and Senior Scientist (Focus Education) at the department of computer science D-INFK at ETH Zurich. My research focuses on the intersection of information security and formal methods, specifically the automated analysis of security protocols and the development of tools for that purpose.
-
Getting Chip Card Payments Right
David Basin, Xenia Hofmeier, Ralf Sasse, Jorge Toro-Pozo
26th International Symposium on Formal Methods (FM), 2024.
-
Sound Verification of Security Protocols: From Design to Interoperable Implementations
Linard Arquint, Felix Wolf, Joseph Lallemand, Ralf Sasse, Christoph Sprenger, Sven Wiesner, David Basin, Peter Müller
44th IEEE Symposium on Security and Privacy (S&P 2023), 2023.
-
I'm Surprised So Much is Connected: A Study on Users' Online Account Security Connections
Sven Hammann, Michael Crabb, Sasa Radomirovic, Ralf Sasse, David Basin
CHI '22: CHI Conference on Human Factors in Computing Systems, 2022.
-
Tamarin: Verification of Large-Scale, Real World, Cryptographic Protocols
David Basin, Cas Cremers, Jannik Dreier, Ralf Sasse
IEEE Security and Privacy Magazine, special issue on Formal Methods at Scale, 2022.
-
A Comprehensive Formal Analysis of 5G Handover
Aleksi Peltonen, Ralf Sasse, David Basin
ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2021.
-
Card Brand Mixup Attack: Bypassing the PIN in non-Visa Cards by Using Them for Visa Transactions
David Basin, Ralf Sasse, Jorge Toro-Pozo
Usenix Security, 2021.
-
The EMV Standard: Break, Fix, Verify *Best Practical Paper Award*
David Basin, Ralf Sasse, Jorge Toro-Pozo
Proceedings of the 2021 IEEE Symposium on Security and Privacy (Oakland).
-
A Spectral Analysis of Noise: A Comprehensive, Automated, Formal Analysis of Diffie-Hellman Protocols
Guillaume Girol, Lucca Hirschi, Ralf Sasse, Dennis Jackson, Cas Cremers, David Basin
Usenix Security, 2020.
-
SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust
Laurent Chuat, AbdelRahman Abdou, Ralf Sasse, Christoph Sprenger, David Basin, Adrian Perrig
5th IEEE EuroS&P, 2020.
-
Privacy-Preserving OpenID Connect
Sven Hammann, Ralf Sasse, David Basin
15th ACM AsiaCCS, 2020.
-
Verification of Stateful Cryptographic Protocols with Exclusive OR
Jannik Dreier, Lucca Hirschi, Sasa Radomirovic, Ralf Sasse
Journal of Computer Security, 28(1): 1-34 (2020).
-
Formal Analysis and Implementation of a TPM 2.0-based Direct Anonymous Attestation Scheme
Stephan Wesemeyer, Helen Treharne, Liqun Chen, Christopher Newton, Ralf Sasse, Jorden Whitefield
15th ACM AsiaCCS, 2020.
-
User Account Access Graphs
Sven Hammann, Sasa Radomirovic, Ralf Sasse, David Basin
ACM Conference on Computer and Communications Security (CCS), London, UK, 2019.
-
Seems Legit: Automated Analysis of Subtle Attacks on Protocols that Use Signatures
Dennis Jackson, Cas Cremers, Katriel Cohn-Gordon, Ralf Sasse
ACM Conference on Computer and Communications Security (CCS), London, UK, 2019.
-
Symbolic Analysis of Identity-Based Protocols
David Basin, Lucca Hirschi, Ralf Sasse
Foundations of Security, Protocols, and Equational Reasoning -- Essays Dedicated to Catherine A. Meadows -- CathyFest 2019, LNCS volume 11565, 2019.
-
A Symbolic Analysis of ECC-based Direct Anonymous Attestation
Jorden Whitefield, Liqun Chen, Ralf Sasse, Steve Schneider, Helen Treharne, Stephan Wesemeyer
4th IEEE EuroS&P, 2019.
-
A Formal Analysis of 5G Authentication
David Basin, Jannik Dreier, Lucca Hirschi, Sasa Radomirovic, Ralf Sasse, Vincent Stettler
ACM Conference on Computer and Communications Security (CCS), Toronto, Canada, 2018.
-
Automated Unbounded Verification of Stateful Cryptographic Protocols with Exclusive OR
Jannik Dreier, Lucca Hirschi, Sasa Radomirovic, Ralf Sasse
31st IEEE Computer Security Foundations Symposium (CSF), 2018.
-
Symbolically Analyzing Security Protocols using TAMARIN
David Basin, Cas Cremers, Jannik Dreier, Ralf Sasse
ACM SIGLOG News, October 2017, Vol. 4, No. 4.
-
Beyond Subterm-Convergent Equational Theories in Automated Verification of Stateful Protocols
Jannik Dreier, Charles Dumenil, Steve Kremer, Ralf Sasse
6th International Conference on Principles of Security and Trust (POST 2017).
-
Design, Analysis, and Implementation of ARPKI: an Attack Resilient Public-Key Infrastructure
David Basin, Cas Cremers, Tiffany Hyun-Jin Kim, Adrian Perrig, Ralf Sasse, Pawel Szalachowski
IEEE Transactions on Dependable and Secure Computing ( Volume: 15, Issue: 3 ).
-
Automated Symbolic Proofs of Observational Equivalence
David Basin, Jannik Dreier, Ralf Sasse
ACM CCS 2015.
-
Alice and Bob Meet Equational Theories
David Basin, Michel Keller, Sasa Radomirovic, Ralf Sasse
Logic, Rewriting, and Concurrency - Festschrift Symposium in Honor of José Meseguer 2015.
-
ARPKI: Attack Resilient Public-Key Infrastructure
David Basin, Cas Cremers, Tiffany Hyun-Jin Kim, Adrian Perrig, Ralf Sasse, Pawel Szalachowski
ACM CCS 2014.
-
Automated Verification of Group Key Agreement Protocols
Benedikt Schmidt, Ralf Sasse, Cas Cremers, David Basin
Proceedings of the 2014 IEEE Symposium on Security and Privacy (Oakland).
-
Asymmetric Unification: A New Unification Paradigm for Cryptographic Protocol Analysis
Serdar Erbatur, Santiago Escobar, Deepak Kapur, Zhiqiang Liu, Christopher Lynch, Catherine Meadows, José Meseguer, Paliath Narendran, Sonia Santiago, Ralf Sasse
In CADE 2013, LNCS proceedings: 231-248.
-
IBOS: A Correct-By-Construction Modular Browser
Ralf Sasse, Samuel T. King, José Meseguer, Shuo Tang
Formal Aspects of Component Software 2012, LNCS proceedings.
-
Effective Symbolic Protocol Analysis via Equational Irreducibility Constraints
Serdar Erbatur, Santiago Escobar, Deepak Kapur,
Zhiqiang Liu, Christopher Lynch, Catherine Meadows,
José Meseguer, Paliath Narendran, Sonia Santiago, Ralf Sasse
In ESORICS 2012: 73-90
-
Security Models in Rewriting Logic for Cryptographic Protocols and Browsers
Ralf Sasse
PhD thesis
-
Folding Variant Narrowing and Optimal Variant Termination (journal version)
Santiago Escobar, Ralf Sasse, José Meseguer
In Journal of Logic and Algebraic Programming.
-
Protocol analysis in Maude-NPA using unification modulo homomorphic encryption
Santiago Escobar, Deepak Kapur, Christopher Lynch, Catherine Meadows, José Meseguer, Paliath Narendran, Ralf Sasse
In Proceedings of the 13th international ACM SIGPLAN symposium on Principles and practices of declarative programming.
-
Protocol Analysis Modulo Combination of Theories: A Case Study in Maude-NPA
Ralf Sasse, Santiago Escobar, Catherine Meadows, José Meseguer
In Security and Trust Management - 6th International Workshop, STM 2010.
-
Folding Variant Narrowing and Optimal Variant Termination
Santiago Escobar, Ralf Sasse, José Meseguer
In 8th International Workshop on Rewriting Logic and its Applications, 2010
-
Model-Checking DoS Amplification for VoIP Session Initiation
Ravinder Shankesi, Musab AlTurki, Ralf Sasse, Carl A. Gunter, José Meseguer
In ESORICS 2009: 390-405
-
Effectively Checking the Finite Variant Property
Santiago Escobar, José Meseguer, Ralf Sasse
In RTA 2008: Rewriting Techniques and Applications
-
Variant Narrowing and Equational Unification
Santiago Escobar, José Meseguer, Ralf Sasse
In 7th International Workshop on Rewriting Logic and its Applications, 2008
-
A Systematic Approach to Uncover Security Flaws in GUI Logic
Shuo Chen, José Meseguer, Ralf Sasse, Helen J. Wang, Yi-Min Wang
In IEEE Symposium on Security and Privacy, Oakland, California, May 2007
-
Java+ITP: A Verification Tool Based on Hoare Logic and Algebraic Semantics
Ralf Sasse, José Meseguer
6th International Workshop on Rewriting Logic and its Applications , WRLA, Vienna, Austria, April 2006, ENTCS, Elsevier
-
Automatic Validation of Transformation Rules for Java Verification against a Rewriting Semantics
Wolfgang Ahrendt, Andreas Roth, Ralf Sasse
12th International Conference on Logic for Programming, Artificial Intelligence and Reasoning, LPAR, Montego Bay, Jamaica, December 2005, LNCS 3835, Springer