On Formal Verification Methods for Password-based Protocols: CSP/FDR and AVISPA

Formal verification methods have proved a high talent in finding potential attacks automatically in several security protocols. So far, many formal methods have been proposed in the literature. In this paper we checked the abilities of two well-known checking tools, CSP/FDR and AVISPA, in detecting off-line attacks that may exist in password-based authentication protocols. For this, we apply these two formal methods to several variants of password-based protocols, vulnerable to off-line attack, so that we analyze the results and then show the weaknesses of each method.

[1]  Peter Y. A. Ryan,et al.  Modelling and analysis of security protocols , 2001 .

[2]  John C. Mitchell,et al.  Automated analysis of cryptographic protocols using Mur/spl phi/ , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[3]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[4]  Somesh Jha,et al.  A model checker for authentication protocols , 1997 .

[5]  Antti Huima,et al.  Using multimodal logic to express conflicting interests in security protocols in proceedings of DIMACS Workshop on Design and formal verification of security protocols , 1997 .

[6]  Catherine A. Meadows,et al.  Formal characterization and automated analysis of known-pair and chosen-text attacks , 2000, IEEE Journal on Selected Areas in Communications.

[7]  John Ulrich,et al.  Automated Analysis of Cryptographic Protocols Using Mur ' , 1997 .

[8]  Catherine A. Meadows,et al.  The NRL Protocol Analyzer: An Overview , 1996, J. Log. Program..

[9]  Catherine A. Meadows,et al.  Applying Formal Methods to the Analysis of a Key Management Protocol , 1992, J. Comput. Secur..

[10]  Yannick Chevalier,et al.  A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols , 2004 .

[11]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[12]  Gavin Lowe,et al.  Casper: a compiler for the analysis of security protocols , 1997, Proceedings 10th Computer Security Foundations Workshop.

[13]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[14]  A. W. Roscoe,et al.  Using CSP to Detect Errors in the TMN Protocol , 1997, IEEE Trans. Software Eng..