Verification of the SSL/TLS Protocol Using a Model Checkable Logic of Belief and Time

  • Conference paper
  • Published in: Computer Safety, Reliability and Security (SAFECOMP 2002)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2434)

Abstract

The paper shows how a model checkable logic of belief and time (MATL) can be used to check properties of security protocols employed in computer networks. In MATL, entities participating in protocols are modeled as concurrent processes able to have beliefs about other entities. The approach is applied to the verification of TLS, the Internet standard protocol that the IETF derived from Netscape's SSL 3.0. The results of our analysis show that the protocol satisfies all the security requirements for which it was designed.

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Benerecetti, M., Panti, M., Spalazzi, L., Tacconi, S. (2002). Verification of the SSL/TLS Protocol Using a Model Checkable Logic of Belief and Time. In: Anderson, S., Felici, M., Bologna, S. (eds) Computer Safety, Reliability and Security. SAFECOMP 2002. Lecture Notes in Computer Science, vol 2434. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45732-1_14

  • DOI: https://doi.org/10.1007/3-540-45732-1_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44157-1

  • Online ISBN: 978-3-540-45732-9

  • eBook Packages: Springer Book Archive
