Combining Theory Generation and Model Checking for Security Protocol Analysis

Abstract: This paper reviews two relatively new tools for automated formal analysis of security protocols. One applies the formal methods technique of model checking to the task of protocol analysis, while the other utilizes the method of theory generation, which borrows from both model checking and automated theorem proving. For purposes of comparison, the tools are both applied to a suite of sample protocols with known flaws, including the protocol used in an earlier study to provide a baseline. We then suggest a heuristic for combining the two approaches to provide a more complete analysis than either approach can provide alone.
