Automatic Verification of Complex Security Protocols With an Unbounded Number of Sessions

We present a new protocol logic, called Logic of Local Sessions (LLS), which is based on a quite natural semantic model called Instantiation Space. Given a protocol and a log file for a principal’s message data flow, which is formalized in Cryptographical Message Exchange model (CME), the notion of Instantiation Space is used to identify all the protocol’s local runs carried out by the principal. LLS is implemented and resulted in a robust Security Protocol Verifier (SPV), which is particularly suitable for automatic verification of complex protocols with an unbounded number of sessions. Due to the flexibility of LLS, the current version of SPV can deal with complex message formats with arbitrarily nested encryptions by public, private, shared and hash keys as well as freshly generated keys. Also, SPV can be used to verify complex security properties such as “Alice observes (knows) Bob observes (knows) Alice said something”. Most importantly, it has been applied to automatically verify a lot of interesting and important properties for quite complex security protocols like Kerberos V5 and the SET purchase phase protocol.