Constraints-based Verification of Parameterized Cryptographic Protocols
Abstract
Cryptographic protocols are crucial for securing electronic transactions. The confidence in these protocols can be increased by the formal analysis of their security properties. Although many works have been dedicated to standard protocols like Needham-Schroeder, very few address the more challenging class of group protocols. We present a synchronous model for group protocols that generalizes standard protocol models by permitting unbounded lists inside messages. In this extended model we propose a correct and complete set of inference rules for checking security properties in the presence of an active intruder for the class of Well-Tagged protocols. We prove that the application of these rules on a constraint system terminates and that the normal form obtained can be checked for satisfiability. Therefore, we present here a decision procedure for this class.

Keywords: Cryptographic protocols, Inference system, Group protocols, rewriting, security, verification, constraints

This work was supported by AVANTSSAR, FP7-ICT-2007-1 Project No. 216471, and SeComMaNet, PRST MISN Project 2007-2013.

inria-00336539, version 1 - 4 Nov 2008

French title (translated): Verification of parameterized cryptographic protocols based on constraint solving

French abstract (translated): Cryptographic protocols are crucial for the security of electronic transactions. Confidence in these protocols can be improved by a formal analysis of their security properties. Although many works have been devoted to classical protocols such as Needham-Schroeder, very few address the promising class of group protocols. We present a synchronous model of group protocols that generalizes the classical models by including unbounded lists in messages. In this extended model, we propose a correct and complete set of inference rules for verifying security properties in the presence of an active intruder for a class of well-tagged protocols. We prove that the application of these rules to a constraint system terminates and that the normal form obtained can be tested for satisfiability. Thus, we present here a decision procedure for this class.

Keywords (translated from the French): cryptographic protocols, inference system, group protocols, rewriting, security, verification, constraints
Similar resources
A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols: model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as an example of this...
Verifying Parameterized Timed Security Protocols
Quantitative timing is often explicitly used in systems for better security, e.g., the credentials for automatic website logon often have a limited lifetime. Verifying timing-relevant security protocols in these systems is very challenging, as timing adds another dimension of complexity compared with untimed protocol verification. In our previous work, we proposed an approach to check the corre...
A Method for Automatic Cryptographic Protocol Verification
We present an automatic, terminating method for verifying confidentiality properties, and to a lesser extent freshness properties of cryptographic protocols. It is based on a safe abstract interpretation of cryptographic protocols using a specific extension of tree automata, _-parameterized tree automata, which mix automata-theoretic techniques with deductive features. Contrary to most model-ch...
Automatic Verification of Time Sensitive Cryptographic Protocols
We investigate the applicability of symbolic exploration to the automatic verification of secrecy and authentication properties for time sensitive cryptographic protocols. Our formal specifications are given in multiset rewriting over first order atomic formulas enriched with constraints so as to uniformly model fresh name generation and validity condition of time stamps. Our verification appro...
Formal Verification of a Parameterized Data Aggregation Protocol
We report on our experiences on the successful verification of a parameterized wireless fault-tolerant data aggregation protocol. We outline our verification method that involves automatic verification of a model of the node processing algorithm under system topology constraints. The presented work forms the basis for a generalization to verification rules for aggregation protocols that integra...
Publication date: 2008