HERMES: An Automatic Tool for Verification of Secrecy in Security Protocols

Cryptography is not sufficient for implementing secure exchange of secrets or authentication. Logical flaws in the protocol design may lead to incorrect behavior even under the idealized assumption of perfect cryptography. Most protocol verification tools are model-checking tools for a bounded number of sessions, a bounded number of participants and, in many cases, also a bounded size of messages [11,8,5,10]. In general, they are applied to discover flaws in cryptographic protocols. In contrast, tools based on induction and theorem proving provide a general proof strategy [9,4], but either they are not automatic, with the exception of [4], or their termination is not guaranteed.

[1] Gavin Lowe. Casper: a compiler for the analysis of security protocols, 1998.

[2] Véronique Cortier, et al. Security properties: two agents are sufficient, 2004, Sci. Comput. Program.

[3] Yassine Lakhnech, et al. Pattern-based abstraction for verifying secrecy in protocols, 2005, International Journal on Software Tools for Technology Transfer.

[4] Jonathan K. Millen, et al. Proving secrecy is easy enough, 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001.

[5] Danny Dolev, et al. On the security of public key protocols, 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[6] Jean Goubault-Larrecq, et al. A Method for Automatic Cryptographic Protocol Verification, 2000, IPDPS Workshops.

[7] Steve A. Schneider. Verifying authentication protocols with CSP, 1997, Proceedings 10th Computer Security Foundations Workshop.

[8] Lawrence C. Paulson, et al. Proving properties of security protocols by induction, 1997, Proceedings 10th Computer Security Foundations Workshop.

[9] Michaël Rusinowitch, et al. Protocol insecurity with finite number of sessions is NP-complete, 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001.

[10] G. Denker, et al. CAPSL integrated protocol environment, 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[11] John A. Clark, et al. A survey of authentication protocol literature: Version 1.0, 1997.