Verification of Security Protocols Using A Formal Approach
نویسنده
چکیده
Security protocols are expected to build secure communications over vulnerable networks. However, security protocols may contain potential flaws. Therefore, they need formal verifications. In this thesis, we investigate Paulson’s inductive approach and apply this formal approach to a classical cryptographic protocol which has not been previously verified in this way. We also investigate the modelling of timestamps and further extension of the inductive approach with message reception and agent’s knowledge. We modelled and verified Lowe’s modified Denning-Sacco sharedkey protocol using the inductive approach. The model and theorems are later updated with message reception and agent’s knowledge. Theorem proving is supported by the interactive theorem prover Isabelle. We have completed the proofs for both versions. As a result, Lowe’s modified Denning-Sacco shared-key protocol has been formally verified using the inductive approach.
منابع مشابه
A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as n example of this...
متن کاملVérification automatique de protocoles d'examen, de monnaie, de réputation, et de routage. (Automated Verification of Exam, Cash, aa Reputation, and Routing Protocols)
Security is a crucial requirement in the applications based on information and communication technology, especially when an open network such as the Internet is used. To ensure security in such applications several security protocols have been developed. However, the design of complex security protocols is notoriously difficult and error-prone. Several flaws have been found on protocols that ar...
متن کاملAutomated Verification of Exam , Cash , Reputation , and Routing Protocols
Security is a crucial requirement in the applications based on information and communication technology, especially when an open network such as the Internet is used. To ensure security in such applications several security protocols have been developed. However, the design of complex security protocols is notoriously difficult and error-prone. Several flaws have been found on protocols that ar...
متن کاملA Formal Verification Centred Development Process for Security Protocols
This chapter concerns the correct and reliable design of modern security protocols. It discusses the importance of formal verification of security protocols prior to their release by publication or implementation. A discussion on logic-based verification of security protocols and its automation provides the reader with an overview of the current state-of-the-art of formal verification of securi...
متن کاملWeb Service Choreography Verification Using Z Formal Specification
Web Service Choreography Description Language (WS-CDL) describes and orchestrates the services interactions among multiple participants. WS-CDL verification is essential since the interactions would lead to mismatches. Existing works verify the messages ordering, the flow of messages, and the expected results from collaborations. In this paper, we present a Z specification of WS-CDL. Besides ve...
متن کامل