An inductive approach to strand spaces

In this paper, we develop an inductive approach to strand spaces by introducing an inductive definition for bundles. This definition gives us not only a constructive illustration of bundles, but also an effective and rigorous technique, rule induction, for reasoning about properties of bundles. With this induction principle, we can prove that our bundle model is sound in the sense that a bundle is a causally well-founded graph. This approach also gives an alternative way to rigorously prove a generalized version of authentication tests. To illustrate the applicability of our approach, we have performed case studies on the verification of secrecy and authentication properties of the Needham–Schroeder–Lowe and Otway–Rees protocols. Our approach has been mechanized using Isabelle/HOL.
