Skip to main content

A Fast Method for Security Protocols Verification

  • Conference paper
  • First Online:
Computer Information Systems and Industrial Management (CISIM 2019)

Abstract

Internet communication is essential for everyone. Algorithms that decide about the correctness of this communication are protocols, and the central part of it that keeps all in safety are security protocols. Because every such program must be implemented and applied, errors are probable. That is why we need verification methods based on mathematical models, and we also need tools checking the new protocols, looking for undiscovered gaps. Existing verification tools and languages describing the protocols are not free of errors or imperfections. Sometimes they neglect some dependencies, and sometimes they are utterly redundant. We present in the article a formal model that we have recently developed. It describes the different behaviours and properties of security protocols. On the base of it, we implemented the tool that verifies many types of protocol, first of all, if they work and then if they meet the security requirements. At the end of the article, we provided a summary of our results with the results obtained from popular tool.

The project financed under the program of the Minister of Science and Higher Education under the name “Regional Initiative of Excellence” in 2019–2022 project number 020/RID/2018/19, the amount of financing 12,000,000 PLN.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Abadi, M., Blanchet, B., Fournet, C.: The applied pi calculus: mobile values, new names, and secure communication. J. ACM 65(1), 1:1–1:41 (2018)

    MathSciNet  MATH  Google Scholar 

  2. Armando, A., et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005). https://doi.org/10.1007/11513988_27

    Chapter  Google Scholar 

  3. Basin, D., Clavel, M., Doser, J., Egea, M.: Automated analysis of security-design models. Inf. Softw. Technol. 51(5), 815–831 (2009)

    Article  Google Scholar 

  4. Basin, D., Cremers, C., Meadows, C.: Model checking security protocols. Handbook of Model Checking, pp. 727–762. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-10575-8_22

    Chapter  MATH  Google Scholar 

  5. Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Found. Trends Priv. Secur. 1(1–2), 1–135 (2016)

    Google Scholar 

  6. Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)

    Article  Google Scholar 

  7. Cremers, C., Mauw, S.: Operational Semantics and Verification of Security Protocols. Information Security and Cryptography. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-540-78636-8

    Book  MATH  Google Scholar 

  8. David, A., Larsen, K.G., et al.: Uppaal SMC tutorial. Int. J. Softw. Tools Technol. Transfer (STTT) 17(4), 397–415 (2015)

    Article  Google Scholar 

  9. Dolev, D., Yao, A.: On the security of public key protocols. Technical report, Stanford, CA, USA (1981)

    Google Scholar 

  10. Gibson-Robinson, T., Kamil, A., Lowe, G.: Verifying layered security protocols. J. Comput. Secur. 23(3), 259–307 (2015)

    Article  Google Scholar 

  11. Grosser, A., Kurkowski, M., Piątkowski, J., Szymoniak, S.: ProToc—an universal language for security protocols specifications. In: Wiliński, A., El Fray, I., Pejaś, J. (eds.) Soft Computing in Computer and Information Science. AISC, vol. 342, pp. 237–248. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-15147-2_20

    Chapter  Google Scholar 

  12. Hyla, T., Pejas, J., El Fray, I., Mackow, W., Chocianowicz, W., Szulga, M.: Sensitive information protection on mobile devices using general access structures. In: Proceedings of the Ninth International Conference on Systems, ICONS 2014, pp. 192–196. XPS (Xpert Publishing Services) (2014)

    Google Scholar 

  13. Kacprzak, M., et al.: Verics 2007 - a model checker for knowledge and real-time. Fundamenta Informaticae 85(1–4), 313–328 (2008)

    MathSciNet  MATH  Google Scholar 

  14. Kurkowski, M.: Formalne metody weryfikacji własności protokołów zabezpieczajacych w sieciach komputerowych. Informatyka - Akademicka Oficyna Wydawnicza EXIT, Akademicka Oficyna Wydawnicza Exit (2013)

    Google Scholar 

  15. Kurkowski, M., Kozakiewicz, A., Siedlecka-Lamch, O.: Some remarks on security protocols verification tools. In: Grzech, A., Świątek, J., Wilimowska, Z., Borzemski, L. (eds.) Information Systems Architecture and Technology: Proceedings of 37th International Conference on Information Systems Architecture and Technology – ISAT 2016 – Part II. AISC, vol. 522, pp. 65–75. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-46586-9_6

    Chapter  Google Scholar 

  16. Kurkowski, M., Penczek, W.: Verifying security protocols modelled by networks of automata. Fundam. Inf. 79(3–4), 453–471 (2007)

    MathSciNet  MATH  Google Scholar 

  17. Kurkowski, M., Siedlecka-Lamch, O., Dudek, P.: Using backward induction techniques in (timed) security protocols verification. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds.) CISIM 2013. LNCS, vol. 8104, pp. 265–276. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40925-7_25

    Chapter  Google Scholar 

  18. Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Inf. Process. Lett. 56(3), 131–133 (1995)

    Article  Google Scholar 

  19. Lowe, G.: Breaking and fixing the needham-schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-61042-1_43

    Chapter  Google Scholar 

  20. Martina, J.E., Paulson, L.C.: Verifying multicast-based security protocols using the inductive method. Int. J. Inf. Secur. 14(2), 187–204 (2015)

    Article  Google Scholar 

  21. Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)

    Article  Google Scholar 

  22. Paulson, L.C.: Inductive analysis of the internet protocol TLS. ACM Trans. Inf. Syst. Secur. 2(3), 332–351 (1999)

    Article  Google Scholar 

  23. Siedlecka-Lamch, O., El Fray, I., Kurkowski, M., Pejaś, J.: Verification of mutual authentication protocol for MobInfoSec system. In: Saeed, K., Homenda, W. (eds.) CISIM 2015. LNCS, vol. 9339, pp. 461–474. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24369-6_38

    Chapter  Google Scholar 

  24. Siedlecka-Lamch, O., Kurkowski, M., Piatkowski, J.: Probabilistic model checking of security protocols without perfect cryptography assumption. In: Gaj, P., Kwiecień, A., Stera, P. (eds.) CN 2016. CCIS, vol. 608, pp. 107–117. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39207-3_10

    Chapter  Google Scholar 

  25. Woo, T., Lam, S.: A lesson on authentication protocol design. SIGOPS Oper. Syst. Rev. 28(3), 24–37 (1994)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Olga Siedlecka-Lamch .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Siedlecka-Lamch, O., Szymoniak, S., Kurkowski, M. (2019). A Fast Method for Security Protocols Verification. In: Saeed, K., Chaki, R., Janev, V. (eds) Computer Information Systems and Industrial Management. CISIM 2019. Lecture Notes in Computer Science(), vol 11703. Springer, Cham. https://doi.org/10.1007/978-3-030-28957-7_43

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-28957-7_43

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-28956-0

  • Online ISBN: 978-3-030-28957-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics