Compilation Method for the Verification of Temporal-Epistemic Properties of Cryptographic Protocols

We present a technique for automatically verifying cryptographic protocols specified in the mainstream specification language CAPSL. Our work is based on model checking multi-agent systems (MAS) against properties given in AI logics. We present PC2IS, a compiler from CAPSL to ISPL, the input language of MCMAS, a symbolic model checker for MAS. The technique also automatically reduces the state space to be considered by the model checker, thereby maximising the number of protocols and sessions that can be verified. We evaluate the technique on protocols in the Clark-Jacobs library against custom secrecy and authentication requirements as well as against more advanced properties that are expressible in this epistemic-based approach.
