Cryptographically Sound and Machine-Assisted Verification of Security Protocols
نویسندگان
چکیده
H. Alt and M. Habib (Eds.): STACS 2003, LCNS 2607, pages 675 686, February 2003. c © Springer-Verlag Berlin Heidelberg 2002. Abstract. We consider machine-aided verification of suitably constructed abstractions of security protocols, such that the verified properties are valid for the concrete implementation of the protocol with respect to cryptographic definitions. In order to link formal methods and cryptography, we show that integrity properties are preserved under step-wise refinement in asynchronous networks with respect to cryptographic definitions, so formal verifications of our abstractions carry over to the concrete counterparts. As an example, we use the theorem prover PVS to formally verify a system for ordered secure message transmission, which yields the first example ever of a formally verified but nevertheless cryptographically sound proof of a security protocol. We believe that a general methodology for verifying cryptographic protocols cryptographically sound can be derived by following the ideas of this example.
منابع مشابه
Cryptographically sound analysis of security protocols
In this thesis, we show how formal methods can be used for the cryptographically sound verification of concrete implementations of security protocols in order to obtain trustworthy and meaningful proofs, and to eliminate human inaccuracies. First, we show how to derive secure concrete implementations of a given abstract specification. The security proofs are essentially based on the well-establ...
متن کاملA Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol
P. Samarati, D. Gollmann, and R. Molva (Eds.): ESORICS 2004, LCNS 3193, pages 89 108, September 2004. c © Springer-Verlag Berlin Heidelberg 2004. Abstract. We present the first cryptographically sound security proof of the well-known Otway-Rees protocol. More precisely, we show that the protocol is secure against arbitrary active attacks including concurrent protocol runs if it is implemented u...
متن کاملA short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as n example of this...
متن کاملGSLHA: Group-based Secure Lightweight Handover Authentication Protocol for M2M Communication
Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the most fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication, is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, v...
متن کاملTechnical Report: Justifying a Dolev-Yao Model under Active Attacks (Long Version)
We present the first idealized cryptographic library that can be used like the Dolev-Yao model for automated proofs of cryptographic protocols that use nested cryptographic operations, while coming with a cryptographic implementation that is provably secure under active attacks. To illustrate the usefulness of the cryptographic library, we present a cryptographically sound security proof of the...
متن کامل