@inbook{7e6ae49fb34e427a92bf574014084594,
title = "The thousand-and-one cryptographers",
abstract = "Chaum{\textquoteright}s Dining Cryptographers protocol crystallises the essentials of security just as other famous diners once demonstrated deadlock and livelock: it is a benchmark for security models and their associated verification methods. Here we give a correctness proof of the Cryptographers in a new style, one in which stepwise refinement plays a prominent role. Furthermore, our proof applies to arbitrarily many diners: that is unusually general. The proof is based on the Shadow Security Model, which integrates non-interference and program refinement: with it, we try to make a case that stepwise development of security protocols is not only possible but also actually to be recommended. It benefits from more than 3 decades of experience of how layers of abstraction can both simplify the design process and make its outcomes more likely to be correct.",
author = "McIver, {A. K.} and Morgan, {C. C.}",
year = "2010",
doi = "10.1007/978-1-84882-912-1",
language = "English",
isbn = "9781848829121",
series = "History of computing",
publisher = "Springer, Springer Nature",
pages = "255--282",
editor = "Roscoe, {A. W.} and Jones, {C. B.} and Wood, {Kenneth B}",
booktitle = "Reflections on the work of C.A.R. Hoare",
address = "United States",
}