MetaCP: Cryptographic Protocol Design Tool for Formal Verification

We present MetaCP, a tool to aid the cryptographer throughout the process of designing and modelling a communication protocol suitable for formal verification. The crucial innovative aspect of the tool is its data-centric approach, where protocol specification is stored in a structured way rather than in natural languages to facilitate its interpretation to multiple target languages. Previous work shows a single exporting plugin (for Tamarin) which required aftermath modifications. By improving the expressiveness of the specification data structure we extend the tool to export to an additional formal language, i.e. ProVerif, as well as a C++ implementation. Starting with its modern graphical interface, MetaCP allows us to model the Diffie-Hellman key exchange, traditionally referred to as a case study, in just a few minutes. Ultimately, we use the formal tools to verify the executability and correctness of the automatically exported models. The design core of MetaCP is freely available in an online demo that provides two further sample protocols, Needham-Schroeder and Needham-Schroeder-Lowe, along with instructions to use the tool to begin modelling from scratch and to export the model to desired external languages.

[1]  Karthikeyan Bhargavan,et al.  Automated Verification for Secure Messaging Protocols and Their Implementations: A Symbolic and Computational Approach , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[2]  Sebastian Mödersheim,et al.  The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures , 2012, TACAS.

[3]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[4]  Feng Hao,et al.  Analyzing and Patching SPEKE in ISO/IEC , 2018, IEEE Transactions on Information Forensics and Security.

[5]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[6]  Roberto Metere,et al.  Poster: Towards a Data Centric Approach for the Design and Verification of Cryptographic Protocols , 2019, CCS.

[7]  G. Denker,et al.  CAPSL integrated protocol environment , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[8]  Naphtali Rishe,et al.  Formal Representation and Transformation of DTDs to Sem-ODM Semantic Schemas , 2006, FCS.

[9]  C. M. Sperberg-McQueen,et al.  W3C XML Schema Definition Language (XSD) 1.1 Part 1: Structures , 2012 .

[10]  Martín Abadi,et al.  The Applied Pi Calculus: Mobile Values, New Names, and Secure Communication , 2016 .

[11]  Cas J. F. Cremers,et al.  Improving the ISO/IEC 11770 Standard for Key Management Techniques , 2014, SSR.

[12]  Benjamin Grégoire,et al.  Computer-Aided Security Proofs for the Working Cryptographer , 2011, CRYPTO.

[13]  David A. Basin,et al.  The TAMARIN Prover for the Symbolic Analysis of Security Protocols , 2013, CAV.