Abstract
Showing the absence of security hazards in cryptographic protocols is of major interest in the area of protocol security analysis. Standard model checking techniques, despite their advantages of being both fast and automatic, serve as mere debuggers that at best allow the user to detect security risks if any exist. In general, however, they cannot guarantee that all such potential hazards will be found. A full verification usually involves induction and can therefore hardly be fully automatic. The definition and application of suitable heuristics has therefore become a central necessity. This paper describes how we attack this problem with the help of the Verification Support Environment (VSE) and how we nevertheless arrive at a high degree of automation.
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cheikhrouhou, L., Nonnengart, A., Stephan, W., Koob, F., Rock, G. (2008). Automating Interactive Protocol Verification. In: Dengel, A.R., Berns, K., Breuel, T.M., Bomarius, F., Roth-Berghofer, T.R. (eds) KI 2008: Advances in Artificial Intelligence. KI 2008. Lecture Notes in Computer Science(), vol 5243. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85845-4_4
DOI: https://doi.org/10.1007/978-3-540-85845-4_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85844-7
Online ISBN: 978-3-540-85845-4
eBook Packages: Computer Science (R0)