Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Trustworthy Global Computing

TGC 2005: Trustworthy Global Computing pp 33–60Cite as

Model–Based Testing of Cryptographic Protocols

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3705))

Abstract

Modeling is a popular way of representing the behavior of a system. A very useful type of model in computing is an abstract state machine which describes transitions over first order structures. The general purpose model-based testing tool SpecExplorer (used within Microsoft, also available externally) uses such a model, written in AsmL or Spec#, to perform a search that checks that all reachable states of the model are safe, and also to check conformance of an arbitrary .NET implementation to the model. Spec Explorer provides a variety of ways to cut down the state space of the model, for instance by finitizing parameter domains or by providing predicate abstraction. It has already found subtle bugs in production software.

First order structures and abstract state machines over them are also a useful way to think about cryptographic protocols, since models formulated in these terms arise by natural abstraction from computational cryptography.

In this paper we explain this abstraction process, ‘experiments as structures’, and argue for its faithfulness. We show how the Dolev–Yao intruder model fits into SpecExplorer. In a word, the actions of the Dolev–Yao intruder are the ‘controllable’ actions of the testing framework, whereas the actions of protocol participants are the ‘observable’ actions of the model. The unsafe states are the states violating say Lowe’s security guarantees. Under this view, the general purpose software testing tool quickly finds known attacks, such as Lowe’s attack on the Needham–Schroeder protocol.

An erratum to this chapter can be found at http://dx.doi.org/10.1007/11580850_20 .

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Adão, P., Bana, G., Scedrov, A.: Computational and information theoretic soundness and completeness of formal encryption. In: 18th IEEE Computer Security Foundations Workshop – CSFW 2005 (2005)

    Google Scholar 

  2. Abadi, M., Jürjens, J.: Formal eavesdropping and its computational interpretation. In: Kobayashi, N., Pierce, B.C. (eds.) TACS 2001. LNCS, vol. 2215, p. 82. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  3. Abadi, M., Rogaway, P.: Reconciling two views of cryptography (The computational soundness of formal encryption). Journal of Cryptology 15(2), 103–127 (2002)

    MATH  MathSciNet  Google Scholar 

  4. Bana, G.: Soundness and Completeness of Formal Logics of Symmetric Encryption. PhD thesis, University of Pennsylvania (2004)

    Google Scholar 

  5. Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public–key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, p. 26. Springer, Heidelberg (1998)

    Google Scholar 

  6. Blass, A., Gurevich, Y.: Background, reserve, and gandy machines. In: Clote, P.G., Schwichtenberg, H. (eds.) CSL 2000. LNCS, vol. 1862, p. 1. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Blass, A., Gurevich, Y.: Algortihms: A quest for absolute definitions. Bulletin of the European Association for Theoretical Computer Science 81, 195–225 (2003)

    MATH  MathSciNet  Google Scholar 

  8. Blass, A., Gurevich, Y.: Ordinary interactive small–step algorithms I. Technical Report MSR-TR-2004-16, Microsoft Research (2004)

    Google Scholar 

  9. Blass, A., Gurevich, Y.: Ordinary interactive small–step algorithms II. Technical Report MSR-TR-2004-88, Microsoft Research (2004)

    Google Scholar 

  10. Gurevich, Y.: Sequential abstract state machines capture sequential algorithms. ACM Transactions on Computational Logic 1(1), 77–111 (2000)

    Article  MathSciNet  Google Scholar 

  11. Gurevich, Y.: Interactive algorithms 2005. Technical Report MSR-TR-2005-73, Microsoft Research (2005)

    Google Scholar 

  12. Horvitz, O., Gligor, V.: Weak key authenticity and the computational completeness of formal encryption. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 530–547. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  13. Micciancio, D., Warinschi, B.: Completeness theorems for the Abadi-Rogaway language of encrypted expressions. Journal of Computer Security 12(1), 99–130 (2004)

    Google Scholar 

  14. Micciancio, D., Warinschi, B.: Soundness of formal encryption in the presence of active adversaries. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 133–151. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  15. Rosenzweig, D., Runje, D.: Some things algorithms cannot do. Technical Report MSR-TR-2005-52, Microsoft Research (2005)

    Google Scholar 

  16. Rosenzweig, D., Runje, D., Slani, N.: Privacy, abstract encryption and protocols: an ASM model – Part I. In: Börger, E., Gargantini, A., Riccobene, E. (eds.) ASM 2003. LNCS, vol. 2589, pp. 372–390. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. The AsmL webpage, http://research.microsoft.com/asml/

  18. Rosenzweig, D., Runje, D., Slani, N.: Privacy, abstract encryption and protocols: an ASM model – Part I. In: Börger, E., Gargantini, A., Riccobene, E. (eds.) ASM 2003. LNCS, vol. 2589, pp. 372–390. Springer, Heidelberg (2003)

    Google Scholar 

  19. The SpecExplorer webpage, http://research.microsoft.com/specexplorer/

Download references

Author information

Authors and Affiliations

  1. Microsoft Research, USA

    Dean Rosenzweig & Wolfram Schulte

  2. University of Zagreb, Croatia

    Dean Rosenzweig & Davor Runje

Authors
  1. Dean Rosenzweig
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Davor Runje
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wolfram Schulte
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Sistemi e Informatica, Università di Firenze, Italy

    Rocco De Nicola

  2. Università di Bologna, Italy

    Davide Sangiorgi

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rosenzweig, D., Runje, D., Schulte, W. (2005). Model–Based Testing of Cryptographic Protocols. In: De Nicola, R., Sangiorgi, D. (eds) Trustworthy Global Computing. TGC 2005. Lecture Notes in Computer Science, vol 3705. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11580850_4

Download citation

  • DOI: https://doi.org/10.1007/11580850_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30007-6

  • Online ISBN: 978-3-540-31483-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation