Multi-Dimensional Security Protocol Engineering using SPEAR

Multi-dimensional security analysis is effective in creating cryptographic protocols since it encompasses a variety of analysis techniques, thereby providing a higher security confidence than individual approaches. SPEAR, the Security Protocol Engineering and Analysis Resource, is a protocol engineering tool which focuses on security protocols, with the specific aim of producing secure and efficient protocol designs and support for the ‘production’ process. SPEAR offers developers of cryptographic protocols an environment in which to design, analyse and generate security protocols. In order to provide multidimensional support, SPEAR enables protocol specification via a graphical user interface in the style of message sequence charts (MSC’s); security analysis based on cryptographic logics (currently BAN [4]) and code generation (currently Java). Following design analysis, meta-execution of code, which allows performance evaluation, can be performed. The fusion of these approaches allows the user to create cryptographic protocols from within the controlled environment of SPEAR.