Alice and Bob Meet Equational Theories

  • David Basin
  • Michel Keller
  • Saša Radomirović
  • Ralf Sasse
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9200)

Abstract

Cryptographic protocols are the backbone of secure communication over open networks, and their correctness is therefore crucial. Tool-supported formal analysis of cryptographic protocol designs increases our confidence that these protocols achieve their intended security guarantees. We propose a method to automatically translate textbook-style Alice&Bob protocol specifications into a format amenable to formal verification using existing tools. Our translation supports specification modulo equational theories, which enables the faithful representation of algebraic properties of a large class of cryptographic operators.

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • David Basin (1)
  • Michel Keller (1)
  • Saša Radomirović (1)
  • Ralf Sasse (1)

  1. Department of Computer Science, Institute of Information Security, ETH Zurich, Zurich, Switzerland