Skip to main content
SpringerLink
Log in

Verifying a Chipcard-Based Biometric Identification Protocol in VSE

  • Conference paper
Book cover Computer Safety, Reliability, and Security (SAFECOMP 2006)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 4166))

Included in the following conference series:

Abstract

In this paper we describe our experiences in specifying and verifying a complex cryptographic protocol actually used in industry that has been developed for the area of chipcard based biometric identification systems. The main emphasis was placed on authenticity, integrity and confidentiality properties. The formal analysis even led to several simplifying modifications of the protocol that facilitate the implementation, yet maintaining the protocol security properties we considered. The formal analysis is based on an inductive approach performed with the help of VSE (Verification Support Environment). The heuristic based proof automation techniques realized in VSE result in an average grade of automation of 80 percent. Thus, VSE provides substantial support for the specification and verification of cryptographic protocols.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Dolev, D., Yao, A.: On the security of public-key protocols. IEEE Transactions on Information Theory 2(29) (1983)

    Google Scholar 

  2. Paulson, L.C.: The inductive approach to verifying cryptographic protocols. Journal of Computer Security 6, 85–128 (1998)

    Google Scholar 

  3. The Verisoft Project, http://www.verisoft.de/

  4. Lassmann, G., Schwan, M.: Vertrauenswüdige Chipkartenbasierte Biometrische Authentifikation. In: Dittmann, J (Hrsg.) (ed.) Sicherheit 2006, Sicherheit-Schutz und Zuverlässigkeit. GI-Edition Lectures Notes in Informatics, Gesellschaft für Informatik, Bonn (2006)

    Google Scholar 

  5. Ryan, P., Schneider, S., Goldsmith, M., Lowe, G., Roscoe, B.: Modeling and Analysis of Security Protocols. Addison Wesley, Reading (2000)

    Google Scholar 

  6. Denker, G., Millen, J., Rueß, H.: The CAPSL Integrated Protocol Environment protocol. SRI Technical Report SRI-CSL-2000-02 (October 2000)

    Google Scholar 

  7. Meadows, C.: The NRL Protocol Analyzer: An overview. Journal of Logic Programming 26(2), 113–131 (1996)

    Article  MATH  Google Scholar 

  8. Lowe, G.: Casper: A compiler for the analysis of security protocols. Journal of Computer Security 6, 53–84 (1998)

    Google Scholar 

  9. Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. Software—Concepts and Tools 17, 93–102 (1996)

    Google Scholar 

  10. Durante, A., Focardi, R., Gorrieri, R.: Cvs: A compiler for the analysis of cryptographic protocols. In: Proceedings of 12th IEEE Computer Security Foundations Workshop, pp. 203–212 (1999)

    Google Scholar 

  11. Weidenbach, C.: Towards an automatic analysis of security protocols. In: Ganzinger, H. (ed.) CADE 1999. LNCS (LNAI), vol. 1632, pp. 378–382. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  12. Lowe, G., Roscoe, A.W.: Using CSP to detect errors in the TMN protocol. IEEE Transactions on Software Engineering 23(10), 659–669 (1997)

    Article  Google Scholar 

  13. Marrero, W., Clarke, E., Jha, S.: A model checker for authentication protocols. In: Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols (1997)

    Google Scholar 

  14. Neuman, B.C., Stubblebine, S.G.: A note on the use of timestamps as nonces. ACM SIGOPS, Operating Systems Review 27(2), 10–14 (1993)

    Article  Google Scholar 

  15. Mitchell, J.C., Mitchell, M., Stern, U.: Automated analysis of cryptographic protocols using Murφ. In: IEEE Symposium on Security and Privacy (1997)

    Google Scholar 

  16. Basin, D.: Lazy Infinite-State Analysis of Security Protocols. In: Baumgart, R. (ed.) CQRE 1999. LNCS, vol. 1740, pp. 30–42. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  17. Basin, D., Mödersheim, S., Viganò, L.: An On-The-Fly Model-Checker for Security Protocol Analysis. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 253–270. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  18. Thayer Fábrega, F.J., Herzog, J.C., Guttman, J.D.: Strand spaces: Proving security protocols correct. Journal of Computer Security 7(2,3), 191–230 (1999)

    Google Scholar 

  19. Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. In: Proceedings of the Fourth ACM Conference on Computer and Communications Security (1997)

    Google Scholar 

  20. Boreale, M.: Symbolic trace analysis of cryptographic protocols. In: Harper, R. (ed.) TIC 2000. LNCS, vol. 2071, pp. 667–681. Springer, Heidelberg (2001)

    Google Scholar 

  21. Donovan, R., Norris, M., Lowe, G.: Analyzing a library of security protocols using Casper and FDR. In: Proceedings of the FLoC Workshop on Formal Methods and Security Protocols (Trento, Italy) (1999)

    Google Scholar 

  22. Song, D.X., Berezin, S., Perrig, A.: Athena: a novel approach to efficient automatic security protocol analysis. Journal of Computer Security 9(1,2), 47–74 (2001)

    Google Scholar 

  23. Hutter, D., Langenstein, B., Sengler, C., Siekmann, J.H., Stephan, W., Wolpers, A.: Deduction in the Verification Support Environment (VSE). In: Gaudel, M.-C., Woodcock, J. (eds.) Proceedings Formal Methods Europe 1996: Industrial Benefits and Advances in Formal Methods. Springer, Heidelberg (1996)

    Google Scholar 

  24. Hutter, D., Langenstein, B., Sengler, C., Siekmann, J.H., Stephan, W., Wolpers, A.: Verification support environment (vse). High Integrity Systems 1(6), 523–530 (1996)

    Google Scholar 

  25. Hutter, D., Mantel, H., Rock, G., Stephan, W., Wolpers, A., Balser, M., Reif, W., Schellhorn, G., Stenzel, K.: VSE: Controlling the complexity in formal software developments. In: Hutter, D., Traverso, P. (eds.) FM-Trends 1998. LNCS, vol. 1641. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  26. Hutter, D., Rock, G., Siekmann, J.H., Stephan, W., Vogt, R.: Formal Software Development in the Verification Support Environment (VSE). In: Manaris, B., Etheredge, J. (eds.) FLAIRS 2000: Proceedings of the Thirteenth International Florida Artificial Intelligence Research Society Conference, pp. 367–376. AAAI Press, Menlo Park (2000)

    Google Scholar 

  27. Rock, G., Stephan, W., Wolpers, A.: Modular Reasoning about Structured TLA Specifications. In: Berghammer, R., Lakhnech, Y. (eds.) Tool Support for System Specification, Development and Verification. Advances in Computing Science, pp. 217–229. Springer, Wien (1999)

    Google Scholar 

  28. Rock, G., Stephan, W., Wolpers, A.: Assumption–Commitment Specifications and Safety-Critical Systems. In: König, H., Langendörfer, P. (eds.) FBT 1998. Formale Beschreibungstechniken für verteilte Systeme, 8, GI/ITG-Fachgespräch, pp. 125–135. Shaker Verlag, Aachen (1998)

    Google Scholar 

  29. Stephan, W., Langenstein, B., Nonnengart, A., Rock, G.: Verification Support Environment. In: Hutter, D., Stephan, W. (eds.) Mechanizing Mathematical Reasoning. LNCS (LNAI), vol. 2605, pp. 476–493. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. German Research Center for Artificial Intelligence (DFKI GmbH), Stuhlsatzenhausweg 3, 66123, Saarbrücken, Germany

    Lassaad Cheikhrouhou, Georg Rock & Werner Stephan

  2. T-Systems Enterprise Services GmbH, Goslarer Ufer 35, 10589, Berlin, Germany

    Matthias Schwan & Gunter Lassmann

Authors
  1. Lassaad Cheikhrouhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Georg Rock
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Werner Stephan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Matthias Schwan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Gunter Lassmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Software Engineering, Gdańsk University of Technology,, Narutowicza 11/12, 80-952, Gdańsk, Poland

    Janusz Górski

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cheikhrouhou, L., Rock, G., Stephan, W., Schwan, M., Lassmann, G. (2006). Verifying a Chipcard-Based Biometric Identification Protocol in VSE. In: Górski, J. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2006. Lecture Notes in Computer Science, vol 4166. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11875567_4

Download citation

  • DOI: https://doi.org/10.1007/11875567_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-45762-6

  • Online ISBN: 978-3-540-45763-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation