The Interrogator: Protocol Security Analysis

The Interrogator is a Prolog program that searches for security vulnerabilities in network protocols for automatic cryptographic key distribution. Given a formal specification of the protocol, it looks for message modification attacks that defeat the protocol objective. It is still under development, but it has been able to rediscover a known vulnerability in a published protocol. It is implemented in LM-Prolog on a Lisp Machine, with a graphical user interface.
