Skip to main content
SpringerLink
Log in

Generic Verification of Security Protocols

  • Conference paper
Model Checking Software (SPIN 2005)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3639))

Included in the following conference series:

Abstract

Security protocols are notoriously difficult to debug. One approach to the automatic verification of security protocols with a bounded set of agents uses logic programming with analysis and synthesis rules to describe how the attacker gains information and constructs new messages.

We propose a generic approach to verifying security protocols in Spin. The dynamic process creation mechanism of Spin is used to nondeterministically create different combinations of role instantiations. We incorporate the synthesis and analysis features of the logic programming approach to describe how the intruder learns information and replays it back into the system. We formulate a generic “loss of secrecy” property that is flagged whenever the intruder learns private information from an intercepted message. We also describe a simplification of the Dolev-Yao attacker model that suffices to analyze secrecy properties.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Amadio, R.M., Lugiez, D., Vanackère, V.: On the symbolic reduction of processes with cryptographic functions. Theoretical Computer Science 290(1), 695–740 (2002)

    Article  Google Scholar 

  2. Anderson, R., Needham, R.M.: Programming Satan’s computer. In: van Leeuwen, J. (ed.) Computer Science Today. LNCS, vol. 1000, pp. 426–441. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  3. Abadi, M., Needham, R.M.: Prudent engineering practices for cryptographic protocols. IEEE Transactions on Software Engineering 22, 6–15 (1996)

    Article  Google Scholar 

  4. Abadi, M., Tuttle, M.: A Semantics fo a Logic of Authentication. In: Proceedings of the 10th ACM Annual Symposium on Principles of Distributed Computing, August 1991, pp. 201–216 (1991)

    Google Scholar 

  5. Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. ACM Transactions on Computer Systems 8(1), 18–36 (1990)

    Article  Google Scholar 

  6. Bolignano, D.: Towards a mechanization of cryptographic protocol verification. In: Grumberg, O. (ed.) CAV 1997. LNCS, vol. 1254, pp. 131–142. Springer, Heidelberg (1997)

    Google Scholar 

  7. Blanchet, B., Podelski, A.: Verification of Cryptographic Protocols: Tagging Enforces Termination. In: Gordon, A.D. (ed.) FOSSACS 2003. LNCS, vol. 2620, pp. 136–152. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  8. Clark, J., Jacob, J.: A survey of authentication protocol literature (1997), Electronic version available at http://www.cs.york.ac.uk/~jac

  9. Durgin, N.A., Lincoln, P.D., Mitchell, J.C., Scedrov, A.: The undecidability of bounded security protocols. In: Proceedings of the Workshop on Formal Methods and Security Protocols, FMSP 1999 (1999)

    Google Scholar 

  10. Denker, G., Millen, J., Ruess, H.: The CAPSL Integrated Protocol Environment. Technical Report SRI-CSL-2000-02, SRI (October 2000), Available at http://www.csl.sri.com/users/millen/capsl

  11. Debbabi, M., Mejri, M., Tawbi, N., Yahmadi, I.: Formal automatic verification of authentication protocols. In: Proceedings of the First IEEE International Conference on Formal Engineering Methods (ICFEM 1997). IEEE Press, Los Alamitos (1997)

    Google Scholar 

  12. Dolev, D., Yao, A.: On the Security of public-key protocols. IEEE Transactions on Information Theory 29, 198–208 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  13. Gong, L., Needham, R., Yahalom, R.: Reasoning About Belief in Cryptographic Protocols. In: Cooper, D., Lunt, T. (eds.) Proceedings 1990 IEEE Symposium on Research in Security and Privacy, pp. 234–248. IEEE Computer Society, Los Alamitos (1990)

    Chapter  Google Scholar 

  14. Khan, A.S., Mukund, M., Suresh, S.P.: Generic verification of security protocols. Technical report, CMI (May 2005), Electronic version available at http://www.cmi.ac.in/~spsuresh

  15. Lowe, G.: Breaking and fixing the Needham-Schroeder public key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)

    Google Scholar 

  16. Lowe, G.: Casper: A compiler for the analysis of security protocols. Journal of computer security 6, 53–84 (1998)

    Google Scholar 

  17. Lowe, G., Roscoe, B.: Using CSP to detect errors in the TMN protocol. IEEE Transactions of Software Engineering 23(10), 659–669 (1997)

    Article  Google Scholar 

  18. Mitchell, J.C., Mitchell, M., Stern, U.: Automated analysis of cryptographic protocols using Murϕ. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 141–153 (1997)

    Google Scholar 

  19. Millen, J.K., Shmatikov, V.: Constraint solving for bounded-process cryptographic protocol analysis. In: ACM Conference on Computer and Communications Security, pp. 166–175 (2001)

    Google Scholar 

  20. Maggi, P., Sisto, R.: Using SPIN to Verify Security Protocols. In: Bošnački, D., Leue, S. (eds.) SPIN 2002. LNCS, vol. 2318, pp. 187–204. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  21. Needham, R.M., Schroeder, M.D.: Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM 21(12), 993–999 (1978)

    Article  MATH  Google Scholar 

  22. Paulson, L.C.: The inductive approach to verifying cryptographic protocols. Journal of computer security 6, 85–128 (1998)

    Google Scholar 

  23. Ramanujam, R., Suresh, S.P.: Decidability of context-explicit security protocols. Journal of Computer Security 13(1), 135–165 (2005)

    Google Scholar 

  24. Syverson, P.F., Cervesato, I.: The logic of authentication protocols. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 63–106. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  25. Schneider, S.: Security properties and CSP. In: Proceedings of the IEEE Computer Society Symposium on Security and Privacy (1996)

    Google Scholar 

  26. Schneider, S.: Verifying authentication protocols with CSP. In: Proceedings of the 10th IEEE Computer Security Foundations Workshop (1997)

    Google Scholar 

  27. Suresh, S.P.: Foundations of Security Protocol Analysis. PhD thesis, The Institute of Mathematical Sciences, Chennai, India, Madras University (November 2003), Available at http://www.cmi.ac.in/~spsuresh

Download references

Author information

Authors and Affiliations

  1. Chennai Mathematical Institute, 92 G.N. Chetty Road, T.Nagar, Chennai, 600 017, India

    Abdul Sahid Khan, Madhavan Mukund & S. P. Suresh

Authors
  1. Abdul Sahid Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Madhavan Mukund
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. S. P. Suresh
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research,  

    Patrice Godefroid

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Khan, A.S., Mukund, M., Suresh, S.P. (2005). Generic Verification of Security Protocols. In: Godefroid, P. (eds) Model Checking Software. SPIN 2005. Lecture Notes in Computer Science, vol 3639. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11537328_18

Download citation

  • DOI: https://doi.org/10.1007/11537328_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28195-5

  • Online ISBN: 978-3-540-31899-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation