Verification of Authentication Protocols for Epistemic Goals via SAT Compilation

This paper introduces a new methodology that uses knowledge structures, a specific form of Kripke semantics for epistemic logic, to analyze communication protocols over hostile networks. The paper focuses in particular on the automatic verification of authentication protocols. Our approach is based on the actual definitions of a protocol, not on difficult-to-establish justifications. The proposed methodology differs from many previous approaches to the automatic verification of security protocols in that it is justification-oriented rather than falsification-oriented (that is, aimed at finding bugs in a protocol). The main idea is based on observations: separating a principal executing a run of the protocol from the role in the protocol, and inferring a principal’s knowledge from the local observations of that principal. We show analytically and empirically that this model can be easily reduced to the Satisfiability (SAT) problem and efficiently implemented with a modern SAT solver.
