Tool-supported Veriication of Cryptographic Protocols
نویسنده
چکیده
The correct and awless design of cryptographic protocols is crucial for the security of network services. As security aws within such protocols are in general very hard to detect, their security properties must be formally veriied. A computer-supported prove is highly desirable, but formal techniques as well as automatic theorem provers are hard to use for a non-specialist. To ooer a user-friendly environment for verifying cryptographic protocols we developed the protocol implementation language PIL, which is very closely related to the well-known BAN logic of authentication. Our PIL compiler automatically transforms a protocol speciication into the language accepted by a theorem prover, which then performs the desired proves fully automatic. Hence, all technical details of theorem proving are hidden from the protocol designer. The paper presents the tools developed to bridge the gap between protocol design and automatic veriication.
منابع مشابه
Towards a Mechanization of Cryptographic Protocal Verification
We revisit the approach deened in 2] for the formal veriication of cryptographic protocols so as to allow for some mechanization in the veriication process. In the original approach veriication uses theorem proving. Here we show that for a wide range of practical situations and properties it is possible to perform the veriication on a nite and safe abstract model.
متن کاملThe Concurrency Workbench: a Semantics Based Tool for the Veriication of Concurrent Systems
The Concurrency Workbench is an automated tool for analyzing networks of nite-state processes expressed in Milner's Calculus of Communicating Systems. Its key feature is its breadth: a variety of diierent veriication methods, including equivalence checking, preorder checking, and model checking, are supported for several diierent process semantics. One experience from our work is that a large n...
متن کاملA New Challenge for Automated Reasoning : Veri cation and Cryptanalysis of
The veriication of security properties is one of the key issues of computer science and automated reasoning tools play a key role in the high level veriication of cryptographic protocols. Yet almost nobody uses these reasoning tools for the veriication and cryptanalysis of the algorithms upon which these protocols are based. In this paper we advocate that it is possible to use logic to encode t...
متن کاملHandling Infeasible Speciications of Cryptographic Protocols
In the veriication of cryptographic protocols along the approach of the logic for authentication by Burrows, Abadi, and Needham, it is possible to write a speciica-tion which does not faithfully represent the real world situation. Such a speciication, though impossible or unreasonable to implement, can go undetected and be veriied to be correct. It can also lead to logical statements that do no...
متن کاملAnalysis of the Internet Key Exchange Protocol Using the NRLProtocol
In this paper we show how the NRL Protocol Ana-lyzer, a special-purpose formal methods tool designed for the veriication of cryptographic protocols, was used in the analysis of the Internet Key Exchange (IKE) protocol. We describe some of the challenges we faced in analyzing IKE, which speciies a set of closely related subprotocols, and we show how this led to a number of improvements to the An...
متن کامل