A Supporting Tool for Spiral Model of Cryptographic Protocol Design with Reasoning-Based Formal Analysis

Many cryptographic protocols proposed to securely send and receive information with someone in unsecured network for various purposes. To design secure cryptographic protocols, formal analysis for cryptographic protocols should be included as an essential activity in a process of cryptographic protocol design. In other word, the ideal process consists of design, formalization, formal analysis, interpretation, and improvement, and the five activities are done repeatedly as similar as activities in spiral model of software development. This paper presents a supporting tool for the ideal process of cryptographic protocol design. At first, the paper presents the spiral model of cryptographic protocol design, and introduces formal analysis method with reasoning as a suitable formal analysis method for the spiral model. The paper also presents design of the supporting tool and its implementation for key exchange protocols. By the supporting tool, designers can only focus on design and improvement activities in the spiral model.

[1]  Lawrence Charles Paulson,et al.  Isabelle: A Generic Theorem Prover , 1994 .

[2]  Colin Boyd,et al.  Protocols for Authentication and Key Establishment , 2003, Information Security and Cryptography.

[3]  Jingde Cheng,et al.  FreeEnCal: A Forward Reasoning Engine with General-Purpose , 2007, KES.

[4]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[5]  Jingde Cheng A Strong Relevant Logic Model of Epistemic Processes in Scientific Discovery (Extended Abstract) , 1999, PAKDD.

[6]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[7]  Jingde Cheng,et al.  Deontic relevant logic as the logical basis for specifying, verifying, and reasoning about information security and information assurance , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[8]  John A. Clark,et al.  A survey of authentication protocol literature: Version 1.0 , 1997 .

[9]  Jingde Cheng,et al.  Formalization for Formal Analysis of Cryptographic Protocols with Reasoning Approach , 2014 .

[10]  Colin Boyd,et al.  Goals for Authentication and Key Establishment , 2003 .

[11]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[12]  Cas J. F. Cremers,et al.  The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols , 2008, CAV.