Verification and Modelling of Authentication Protocols 1 Zürich , 2 . 4 . 1992

With the emergence of numerous distributed services, the importance of electronic authentication in networks is rapidly increasing. Since more than a decade, authentication protocols have been proposed and discussed. Because of various flaws which were found late, Burrows, Abadi and Needham [BAN] created a logic of authentication to formally verify authentication protocols by the end of the 80’s.This so called BAN logic has been subject to considerable critique and several extensions have been suggested. None the less, due to its straightforward design and easy understandability, it still attracts the attention of current research.We developed an authentication logic which is built closely after the BAN–logic. It addresses answers to important critiques of the BAN like the non–disclosure problem, and avoids some newly discovered weaknesses of BAN, e.g. with respect to freshness. We also built a verification tool embodying this extended BAN logic and the means for modelling the different participating principals as finite state machines. The tool allows therefore both for formal, passive analysis of an authentication protocol and for active simulation of a protocol run. We also can model actions of intruders, consequences of such intrusions, and the respective counter–measures. The tool is implemented in Prolog and facilitates exploratory design of new authentication protocols.