A Logic for Automatic Verification of Cryptographic Protocols

this paper, a new first-order logical framework and method of formalizing and verifying cryptographic protocols is presented. From the point of view of an intruder, the protocol and abilities of the intruder are modeled in Horn clauses. Based on deductive reasoning method, secrecy of cryptographic protocols is verified automatically, and if the secrecy is violated, attack scenarios can be presented through back-tracing. The method has been implemented in an automatic verifier, many examples of protocols have been analyzed in less then 1s. I. INTRODUCTION A cryptographic protocol is a precisely defined sequence of communication and computation steps using cryptographic mechanism, its aim is ensuring the security of the transaction and communication in network or distributed systems. The rapid extending of the internet causes a growing need for cryptographic protocols, but it is well known that the design of such protocols is difficult and error-prone. Therefore, it is necessary to study formal analysis methods and automatic verification tools for the cryptographic protocols. Researchers have adopted many theories and techniques to build automatic verification tools. The theories are mainly derived from based on model checking suffer from the problem of the state space explosion, while verifiers based on theorem proving usually need manual intervention. In this paper, we present a new formal approach for automatic verification of cryptographic protocols. This approach is fully automatic and terminable. The main contributions of the paper are: a general framework of formalizing cryptographic protocol and abilities of the intruder, a practical solving algorithm based on automatic reasoning, and a simple method to find the attack scenarios.