Abstract
Internet communication is essential for everyone. Algorithms that decide about the correctness of this communication are protocols, and the central part of it that keeps all in safety are security protocols. Because every such program must be implemented and applied, errors are probable. That is why we need verification methods based on mathematical models, and we also need tools checking the new protocols, looking for undiscovered gaps. Existing verification tools and languages describing the protocols are not free of errors or imperfections. Sometimes they neglect some dependencies, and sometimes they are utterly redundant. We present in the article a formal model that we have recently developed. It describes the different behaviours and properties of security protocols. On the base of it, we implemented the tool that verifies many types of protocol, first of all, if they work and then if they meet the security requirements. At the end of the article, we provided a summary of our results with the results obtained from popular tool.
The project financed under the program of the Minister of Science and Higher Education under the name “Regional Initiative of Excellence” in 2019–2022 project number 020/RID/2018/19, the amount of financing 12,000,000 PLN.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Abadi, M., Blanchet, B., Fournet, C.: The applied pi calculus: mobile values, new names, and secure communication. J. ACM 65(1), 1:1–1:41 (2018)
Armando, A., et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005). https://doi.org/10.1007/11513988_27
Basin, D., Clavel, M., Doser, J., Egea, M.: Automated analysis of security-design models. Inf. Softw. Technol. 51(5), 815–831 (2009)
Basin, D., Cremers, C., Meadows, C.: Model checking security protocols. Handbook of Model Checking, pp. 727–762. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-10575-8_22
Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Found. Trends Priv. Secur. 1(1–2), 1–135 (2016)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)
Cremers, C., Mauw, S.: Operational Semantics and Verification of Security Protocols. Information Security and Cryptography. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-540-78636-8
David, A., Larsen, K.G., et al.: Uppaal SMC tutorial. Int. J. Softw. Tools Technol. Transfer (STTT) 17(4), 397–415 (2015)
Dolev, D., Yao, A.: On the security of public key protocols. Technical report, Stanford, CA, USA (1981)
Gibson-Robinson, T., Kamil, A., Lowe, G.: Verifying layered security protocols. J. Comput. Secur. 23(3), 259–307 (2015)
Grosser, A., Kurkowski, M., Piątkowski, J., Szymoniak, S.: ProToc—an universal language for security protocols specifications. In: Wiliński, A., El Fray, I., Pejaś, J. (eds.) Soft Computing in Computer and Information Science. AISC, vol. 342, pp. 237–248. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-15147-2_20
Hyla, T., Pejas, J., El Fray, I., Mackow, W., Chocianowicz, W., Szulga, M.: Sensitive information protection on mobile devices using general access structures. In: Proceedings of the Ninth International Conference on Systems, ICONS 2014, pp. 192–196. XPS (Xpert Publishing Services) (2014)
Kacprzak, M., et al.: Verics 2007 - a model checker for knowledge and real-time. Fundamenta Informaticae 85(1–4), 313–328 (2008)
Kurkowski, M.: Formalne metody weryfikacji własności protokołów zabezpieczajacych w sieciach komputerowych. Informatyka - Akademicka Oficyna Wydawnicza EXIT, Akademicka Oficyna Wydawnicza Exit (2013)
Kurkowski, M., Kozakiewicz, A., Siedlecka-Lamch, O.: Some remarks on security protocols verification tools. In: Grzech, A., Świątek, J., Wilimowska, Z., Borzemski, L. (eds.) Information Systems Architecture and Technology: Proceedings of 37th International Conference on Information Systems Architecture and Technology – ISAT 2016 – Part II. AISC, vol. 522, pp. 65–75. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-46586-9_6
Kurkowski, M., Penczek, W.: Verifying security protocols modelled by networks of automata. Fundam. Inf. 79(3–4), 453–471 (2007)
Kurkowski, M., Siedlecka-Lamch, O., Dudek, P.: Using backward induction techniques in (timed) security protocols verification. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds.) CISIM 2013. LNCS, vol. 8104, pp. 265–276. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40925-7_25
Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Inf. Process. Lett. 56(3), 131–133 (1995)
Lowe, G.: Breaking and fixing the needham-schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-61042-1_43
Martina, J.E., Paulson, L.C.: Verifying multicast-based security protocols using the inductive method. Int. J. Inf. Secur. 14(2), 187–204 (2015)
Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)
Paulson, L.C.: Inductive analysis of the internet protocol TLS. ACM Trans. Inf. Syst. Secur. 2(3), 332–351 (1999)
Siedlecka-Lamch, O., El Fray, I., Kurkowski, M., Pejaś, J.: Verification of mutual authentication protocol for MobInfoSec system. In: Saeed, K., Homenda, W. (eds.) CISIM 2015. LNCS, vol. 9339, pp. 461–474. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24369-6_38
Siedlecka-Lamch, O., Kurkowski, M., Piatkowski, J.: Probabilistic model checking of security protocols without perfect cryptography assumption. In: Gaj, P., Kwiecień, A., Stera, P. (eds.) CN 2016. CCIS, vol. 608, pp. 107–117. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39207-3_10
Woo, T., Lam, S.: A lesson on authentication protocol design. SIGOPS Oper. Syst. Rev. 28(3), 24–37 (1994)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Siedlecka-Lamch, O., Szymoniak, S., Kurkowski, M. (2019). A Fast Method for Security Protocols Verification. In: Saeed, K., Chaki, R., Janev, V. (eds) Computer Information Systems and Industrial Management. CISIM 2019. Lecture Notes in Computer Science(), vol 11703. Springer, Cham. https://doi.org/10.1007/978-3-030-28957-7_43
Download citation
DOI: https://doi.org/10.1007/978-3-030-28957-7_43
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-28956-0
Online ISBN: 978-3-030-28957-7
eBook Packages: Computer ScienceComputer Science (R0)