Lazy Infinite-State Analysis of Security Protocols
Security protocols are used to exchange information in a Distributed system with the aim of providing security guarantees. We Present an approach to modeling security protocols using lazy data types in a higher-order functional programming language. Our approach supports the formalization of protocol models in a natural and high-level way, and the automated analysis of safety properties using infinite-state model checking, where the model is explicitly constructed in a demand-driven manner. We illustrate these ideas with an extended example: modeling and checking the Needham-Schroeder public-key authentication protocol.
Unable to display preview. Download preview PDF.
- John Clark and Jeremy Jacob. A survey of authentication protocol literature: Version 1.0. Available at the URL http://www.cs.york.ac.uk/~jac/>.
- G. Denker, J. Meseguer, and C. Talcott. Protocol specification and analysis in Maude. In N. Heintze and J. Wing, editors Proceedings of the Workshop on Formal Methods and Security Protocols, pages 939–944, Indianapolis, Indiana, June 1998.Google Scholar
- Dan P. Friedman and David S. Wise. Cons should not evaluate its arguments. In S. Michaelson and R. Milner, editors, Automata, Languages and Programming, pages 257–284. Edinburgh University Press, 1976.Google Scholar
- Nevin Heintze, J.D. Tygar, Jeannette M. Wing, and Hao-Chi Wong. Model checking electronic commerce protocols. In Proceedings of the UNISEX 1996 Workshop on Electronic Commerce, 1996.Google Scholar
- P. Hudak, S. Peyton Jones, and P. Wadler (Editors). Report on the programming language Haskell: A non-strict, purely functional language (version 1.2). ACM SIGPLAN Notices, 27(5), 1992Google Scholar
- Gawin Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proceedings of TACAS’96, LNCS 1055. pages 147–166. Springer, Berlin, 1996.Google Scholar
- Wenbo Mao. An augmentation of BAN-like logics. In Proceedings of the 8th IEEE Computer Security Foundations of Workshop, pages 44–56. IEEE Computer Society Press, 1995.Google Scholar
- W. Marrerp. E. Clarke, and S. Jha. Model checking for security protocols. In Proceedings of the DIMACS Workshop on Design and Verification of Security Protocols. 1997.Google Scholar
- Lawrence C. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85–125, 1998.Google Scholar
- A.W. Roscoe. Modelling and verifying key-exchange protocols using CSP and FDR. In Proceedings of 1995 IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, 1995.Google Scholar