Analysing Security Protocols using CSP
Author
Abstract
In this chapter we describe how security protocols can be analysed using the process algebra CSP and the model checker FDR. The basic technique is to build a CSP model of a small system running the protocol, together with the most general intruder who can interact with that protocol, and then to use the model checker FDR to explore the state space, looking for insecure behaviours. We will base our explanation of the technique upon the book’s running example:
Similar resources
Analysing Time Dependent Security Properties in CSP Using PVS
This paper details an approach to verifying time dependent authentication properties of security protocols. We discuss the introduction of time into the Communicating Sequential Processes (CSP) protocol verification framework of The embedding of CSP in the theorem prover PVS (Prototype Verification System) is extended to incorporate event based time, retaining the use of the existing rank function app...
Analysing the Woo-Lam Protocol Using CSP and Rank Functions
Designing security protocols is a challenging and deceptive exercise. Even small protocols providing straightforward security goals, such as authentication, have been hard to design correctly, leading to the presence of many subtle attacks. Over the years various formal approaches have emerged to analyse security protocols making use of different formalisms. Schneider has developed a formal app...
Analysing Protocol Subject to Guessing Attacks
In this paper we consider guessing attacks upon security protocols, where an intruder guesses one of the values used (typically a poorly-chosen password) and then seeks to verify that guess. We formalise such attacks, and in particular the way in which the guess is verified. We then describe how to model such attacks within the process algebra CSP, so that they can be detected using the model c...
Analysing protocols subject to guessing attacks
In this paper we consider guessing attacks upon security protocols, where an intruder guesses one of the values used (typically a poorly-chosen password) and then seeks to verify that guess. We formalise such attacks, and in particular the way in which the guess is verified. We then describe how to model such attacks within the process algebra CSP, so that they can be detected using the model ch...
Analyzing a Library of Security Protocols using Casper and FDR
In this paper we describe the analysis of a library of fifty security protocols using FDR, a model checker for the process algebra CSP, and Casper, a compiler that produces the CSP descriptions from a more concise description. We succeed in finding nearly all of the attacks previously reported upon these protocols; in addition, we identify several new attacks.