Dynamic epistemic verification of security protocols: framework and case study
Abstract
We propose a dynamic epistemic framework for the verification of security protocols. First, we introduce a dynamic epistemic logic equipped with iteration and cryptographic supplements in which we can formalize and check (epistemic) requirements of security protocols. On top of this, we give a general guide on how to go from a protocol specification to its representation in our framework. We demonstrate this by checking requirements of a simplified version of a protocol for confidential message comparison.
Similar resources
Reconciling Operational and Epistemic Approaches to the Formal Analysis of Crypto-Based Security Protocols
We propose a unifying framework for formal specification and verification of both epistemic and behavioral aspects of security protocols. The main novelty of the proposed framework is the explicit support for cryptographic constructs, which is among the most essential ingredients of security protocols. Due to this feature, the indistinguishability relation for the epistemic constructs gets a dy...
A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as an example of this...
LDYIS: a Framework for Model Checking Security Protocols
We present a formalism for the automatic verification of security protocols based on multi-agent systems semantics. We give the syntax and semantics of a temporal-epistemic security-specialised logic and provide a lazy-intruder model for the protocol rules that we argue to be particularly suitable for verification purposes. We exemplify the technique by finding a (known) bug in the traditional N...
Verification of temporal-epistemic properties of access control systems
Verification of access control systems against vulnerabilities has always been a challenging problem in the world of computer security. The complication of security policies in large-scale multi-agent systems increases the possible existence of vulnerabilities as a result of mistakes in policy definition. This thesis explores automated methods in order to verify temporal and epistemic properties...
Small Steps in Heuristics for the Russian Cards Problem Protocols
This work presents a couple of algorithmic techniques applied to the Russian Cards Problem. This problem represents an idealized scenario where Dynamic Epistemic Logic [4, 5, 8] plays an important role in secure communications analysis. This logic is in a lower layer below the protocol design tasks acting as a specification and verification formal tool. This work focusses not on the logical aspe...