Exploiting Symmetries for Testing Equivalence Verification in the Spi Calculus

Testing equivalence is a quite powerful way of expressing security properties of cryptographic protocols, but its formal verification is a difficult task, because it is based on universal quantification over contexts. A technique based on state exploration to address this verification problem has previously been presented; it relies on an environment-sensitive labelled transition system (ES-LTS) and on symbolic term representation. This paper shows that such a technique can be enhanced by exploiting symmetries found in the ES-LTS structure. Experimental results show that the proposed enhancement can substantially reduce the size of the ES-LTS and that the technique as a whole compares favorably with respect to related work.

[1]  Somesh Jha,et al.  Partial Order Reductions for Security Protocol Verification , 2000, TACAS.

[2]  Steve A. Schneider Verifying Authentication Protocols in CSP , 1998, IEEE Trans. Software Eng..

[3]  Adriano Valenzano,et al.  Automatic testing equivalence verification of spi calculus specifications , 2003, TSEM.

[4]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[5]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[6]  Martín Abadi,et al.  Computing symbolic models for verifying cryptographic protocols , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[7]  Rocco De Nicola,et al.  Proof techniques for cryptographic processes , 1999, Proceedings. 14th Symposium on Logic in Computer Science (Cat. No. PR00158).

[8]  Somesh Jha,et al.  Verifying security protocols with Brutus , 2000, TSEM.

[9]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[10]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[11]  D. Latella,et al.  A Brutus Logic for the Spi-calculus , 2001 .

[12]  Gavin Lowe,et al.  Some new attacks upon security protocols , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[13]  A. Prasad Sistla,et al.  SMC: a symmetry-based model checker for verification of safety and liveness properties , 2000, TSEM.

[14]  Mihir Bellare,et al.  iKP - A Family of Secure Electronic Payment Protocols , 1995, USENIX Workshop on Electronic Commerce.

[15]  Jonathan K. Millen,et al.  The Interrogator: Protocol Secuity Analysis , 1987, IEEE Transactions on Software Engineering.

[16]  Martín Abadi,et al.  A Bisimulation Method for Cryptographic Protocols , 1998, Nord. J. Comput..

[17]  Gavin Lowe Casper: a compiler for the analysis of security protocols , 1998 .

[18]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[19]  Adriano Valenzano,et al.  A New Knowledge Representation Strategy for Cryptographic Protocol Analysis , 2003, TACAS.

[20]  Lawrence C. Paulson,et al.  The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..