AIF-\(\omega \): Set-Based Protocol Abstraction with Countable Families

  • Sebastian Mödersheim
  • Alessandro BruniEmail author
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9635)


Abstraction based approaches like ProVerif are very efficient in protocol verification, but have a limitation in dealing with stateful protocols. A number of extensions have been proposed to allow for a limited amount of state information while not destroying the advantages of the abstraction method. However, the extensions proposed so far can only deal with a finite amount of state information. This can in many cases make it impossible to formulate a verification problem for an unbounded number of agents (and one has to rather specify a fixed set of agents). Our work shows how to overcome this limitation by abstracting state into countable families of sets. We can then formalize a problem with unbounded agents, where each agent maintains its own set of keys. Still, our method does not loose the benefits of the abstraction approach, in particular, it translates a verification problem to a set of first-order Horn clauses that can then be efficiently verified with tools like ProVerif.


  1. 1.
    Arapinis, M., Phillips, J., Ritter, E., Ryan, M.D.: Statverif: verification of stateful processes. J. Comput. Secur. 22(5), 743–821 (2014)CrossRefGoogle Scholar
  2. 2.
    Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Computer Security Foundations Workshop (2001)Google Scholar
  3. 3.
    Bruni, A., Modersheim, S.: The AIF-\(\omega \) Compiler and Examples.
  4. 4.
    Bruni, A., Mödersheim, S., Nielson, F., Nielson, H.R.: Set-pi: set membership p-calculus. In: IEEE 28th Computer Security Foundations Symposium, CSF 2015 (2015)Google Scholar
  5. 5.
    Comon-Lundh, H., Cortier, V.: Security properties: two agents are sufficient. Sci. Comput. Program. 50(1–3), 51–71 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Fröschle, S., Steel, G.: Analysing PKCS#11 key management apis with unbounded fresh data. In: Degano, P., Viganò, L. (eds.) ARSPA-WITS 2009. LNCS, vol. 5511, pp. 92–106. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  7. 7.
    Kremer, S., Künnemann, R.: Automated analysis of security protocols with global state. In: Security and Privacy (2014)Google Scholar
  8. 8.
    Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  9. 9.
    Ye, M.: Design and analysis of PKCS#11 key management with AIF. Master’s thesis, DTU Compute (2014).
  10. 10.
    Mödersheim, S.: Abstraction by set-membership: verifying security protocols and web services with databases. In: Computer and Communications Security (2010)Google Scholar
  11. 11.
    Mödersheim, S., Modesti, P.: Verifying sevecom using set-based abstraction. In: Proceedings of the 7th International Wireless Communications and Mobile Computing Conference, IWCMC 2011, Istanbul, Turkey, 4–8 July 2011 (2011)Google Scholar
  12. 12.
    Weidenbach, C.: Towards an automatic analysis of security protocols in first-order logic. In: Ganzinger, H. (ed.) CADE 1999. LNCS (LNAI), vol. 1632, pp. 314–328. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  13. 13.
    Weidenbach, C., Dimova, D., Fietzke, A., Kumar, R., Suda, M., Wischnewski, P.: SPASS version 3.5. In: Schmidt, R.A. (ed.) CADE-22. LNCS, vol. 5663, pp. 140–145. Springer, Heidelberg (2009)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2016

Authors and Affiliations

  1. 1.DTU ComputeLyngbyDenmark
  2. 2.IT University of CopenhagenCopenhagenDenmark

Personalised recommendations