Toward Compositional Analysis of Security Protocols Using Theorem Proving

Complex security protocols require a formal approach to ensure their correctness. The protocols are frequently composed of several smaller, simpler components. We would like to take advantage of the compositional nature of such protocols to split the large veri cation task into separate and more manageable pieces. Various formalisms have been used successfully for reasoning about large protocol compositions by hand. However, hand proofs are prone to error. Automated proof systems can help make the proofs more rigorous. The goal of our work is to develop an automated proof environment for compositional reasoning about systems. This environment would combine the power of compositional reasoning with the rigor of mechanically-checked proofs. The hope is that the resulting system would be useful in veri cation of security protocols of real-life size and complexity. Toward this goal, we present results of a case study in compositional veri cation of a private communication protocol with the aid of automated proof tool Isabelle/IOA. This research is sponsored in part by the the National Science Foundation under Grant No. CCR-9523972 and the National Security Agency under Award Number MDA904-99-C-5020. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright annotation thereon. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the o cial policies or endorsements, either expressed or implied of the U.S. Government.