Automatic verification of correspondences for security protocols

We present a new technique for verifying correspondences in security proto-cols. In particular, correspondences can be used to formalize authentication. Ourtechnique is fully automatic, it can handle an unbounded number of sessions of theprotocol, and it is efficient in practice. It significantly extends a previous techniquefor the verification of secrecy. The protocol is represented in an extension of thepi calculus with fairly arbitrary cryptographic primitives. This protocol represen-tation includes the specification of the correspondence to be verified, but no otherannotation. This representation is then translated into an abstract representation byHorn clauses, which is used to prove the desired correspondence. Our techniquehas been proved correct and implemented. We have tested it on various proto-cols from the literature. The experimental results show that these protocols can beverified by our technique in less than 1 s.