Abstract
SPVT-II is a security protocol verifier based on logic programming, in which an accurate verification approach and an abstract verification approach are combined by a non-termination prediction algorithm. The prediction algorithm predicts whether the solved-form fixpoint of the logic program model of a security protocol will terminate. In SPVT-II, if the fixpoint is predicted to be non-terminating, the abstract approach is used to verify the protocol; otherwise the accurate approach is used. The combined approach inherits the efficiency of the accurate approach for those security protocols whose fixpoint terminates, and, within the abstraction-refinement iteration verification framework, it can incrementally verify security protocols whose fixpoint is predicted to be non-terminating. In SPVT-II, the non-termination prediction of the fixpoint, the verification itself, the construction of counterexamples and the refinement are all implemented mechanically. The experimental results demonstrate the practicality of our verifier.
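The strategy the abstract describes, as an added toy illustration that is not SPVT-II's code and not taken from the paper: attacker knowledge is saturated forward-chaining style over ground terms of a constructed two-message protocol (an honest responder that encrypts whatever it receives under a shared key `kab`, which is what makes the accurate fixpoint unbounded). A hypothetical growth heuristic (term depth increasing for three consecutive rounds) stands in for the paper's non-termination prediction algorithm, and a depth-`d` term abstraction with `'*'` meaning "any term", refined by deepening `d`, stands in for its abstract approach and refinement loop. The protocol model, the heuristic, the abstraction and all names here are assumptions made for the example.

```python
# Added example: toy model of a combined accurate/abstract verifier (not the paper's code).
from typing import Set, Tuple, Union

Term = Union[str, tuple]   # 'kab', 'secret', ('enc', msg, key); STAR abstracts any term
STAR = '*'

def depth(t: Term) -> int:
    return 0 if isinstance(t, str) else 1 + max(depth(a) for a in t[1:])

def cut(t: Term, d: int) -> Term:
    """Abstraction (assumed): replace every subterm below depth d with STAR."""
    if isinstance(t, str):
        return t
    if d == 0:
        return STAR
    return (t[0],) + tuple(cut(a, d - 1) for a in t[1:])

def step(known: Set[Term], responder: bool, abstract: bool) -> Set[Term]:
    """One round of attacker deduction over the constructed protocol model.
    responder: honest B answers any received message m with enc(m, kab), so the
               attacker can drive it forever (unbounded accurate fixpoint).
    abstract:  STAR may stand for any term, so it is also treated as a key the
               attacker holds (keeps the abstraction an over-approximation)."""
    new: Set[Term] = set()
    for m in known:
        if responder:
            new.add(('enc', m, 'kab'))
        if isinstance(m, tuple) and m[0] == 'enc' and \
                (m[2] in known or (abstract and m[2] == STAR)):
            new.add(m[1])                       # decrypt with a key the attacker knows
    return new

def accurate(init: Set[Term], responder: bool, rounds: int = 3) -> str:
    """Accurate saturation. Returns 'attack', 'secure', or 'predicted-nonterminating'
    (hypothetical predictor: max term depth grows for `rounds` consecutive rounds)."""
    known = set(init)
    growth, last = 0, max(map(depth, known))
    while True:
        if 'secret' in known:
            return 'attack'
        new = step(known, responder, abstract=False) - known
        if not new:
            return 'secure'                     # fixpoint reached
        known |= new
        cur = max(map(depth, known))
        growth = growth + 1 if cur > last else 0
        last = cur
        if growth >= rounds:
            return 'predicted-nonterminating'

def abstract_refine(init: Set[Term], responder: bool, max_depth: int = 4) -> str:
    """Abstract saturation at depth d; a possible leak ('secret' or STAR in the
    knowledge) may be spurious, so refine by deepening d until it disappears."""
    for d in range(max_depth + 1):
        known = {cut(t, d) for t in init}
        while True:                             # finite: terms of depth <= d
            new = {cut(t, d) for t in step(known, responder, abstract=True)} - known
            if not new:
                break
            known |= new
        if 'secret' not in known and STAR not in known:
            return f'secure (abstraction depth {d})'
    return 'inconclusive'

def verify(init: Set[Term], responder: bool) -> Tuple[str, str]:
    """Combined strategy: accurate unless predicted non-terminating, else abstract."""
    verdict = accurate(init, responder)
    if verdict != 'predicted-nonterminating':
        return ('accurate', verdict)
    return ('abstract', abstract_refine(init, responder))

if __name__ == '__main__':
    secret_msg = ('enc', 'secret', 'kab')       # B sent the secret under kab
    print(verify({'m0', secret_msg}, responder=True))          # abstract path, secure
    print(verify({'m0', 'kab', secret_msg}, responder=True))   # accurate path, attack
    print(verify({'m0', secret_msg}, responder=False))         # accurate path, secure
```

The three runs show the three outcomes the combined approach must handle: a responder the attacker can drive forever makes the accurate fixpoint grow without bound, the predictor fires, and the depth-0 abstraction raises a spurious alarm that one refinement step (depth 1) discharges; a leaked key is found by the accurate path before the predictor fires; and a model without the looping role reaches its accurate fixpoint and is proved secure directly.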
© 2009 Springer-Verlag Berlin Heidelberg
Li, M., Zhou, T., Li, Z. (2009). SPVT-II: An Efficient Security Protocol Verifier Based on Logic Programming. In: Yung, M., Liu, P., Lin, D. (eds) Information Security and Cryptology. Inscrypt 2008. Lecture Notes in Computer Science, vol 5487. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01440-6_12
DOI: https://doi.org/10.1007/978-3-642-01440-6_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01439-0
Online ISBN: 978-3-642-01440-6