Skip to main content

Combining ProVerif and Automated Theorem Provers for Security Protocol Verification

  • Conference paper
  • First Online:
Automated Deduction – CADE 27 (CADE 2019)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 11716))

Included in the following conference series:

Abstract

Symbolic verification of security protocols typically relies on an attacker model called the Dolev-Yao model, which does not model adequately various algebraic properties of cryptographic operators used in many real-world protocols. In this work we describe an integration of a state-of-the-art protocol verifier ProVerif, with automated first order theorem provers (ATP). The integration allows one to model directly algebraic properties of cryptographic operators as a first-order equational theory and the specified protocol can be exported to a first-order logic specification in the standard TPTP format for ATP. An attack on a protocol corresponds to a refutation using the encoded first order clauses. We implement a tool that analyses this refutation and extracts an attack trace from it, and visualises the deduction steps performed by the attacker. We show that the combination of ProVerif and ATP can find attacks that cannot be found by ProVerif when algebraic properties are taken into account in the protocol verification.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Some examples which Proverif-ATP can handle but which Tamarin fails are available via https://github.com/darrenldl/ProVerif-ATP/tree/master/related-work/.

  2. 2.

    https://github.com/darrenldl/ProVerif-ATP.

  3. 3.

    http://tptp.cs.miami.edu/~tptp/CASC/.

References

  1. Abadi, M., Blanchet, B.: Analyzing security protocols with secrecy types and logic programs. J. ACM 52(1), 102–146 (2005). https://doi.org/10.1145/1044731.1044735

    Article  MathSciNet  MATH  Google Scholar 

  2. Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2001, pp. 104–115. ACM, New York (2001). https://doi.org/10.1145/360204.360213

  3. Basin, D., Dreier, J., Hirschi, L., Radomirovic, S., Sasse, R., Stettler, V.: A formal analysis of 5G authentication. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, pp. 1383–1396. ACM, New York (2018). https://doi.org/10.1145/3243734.3243846

  4. Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Proceedings of 14th IEEE Computer Security Foundations Workshop, 2001. pp. 82–96, June 2001. https://doi.org/10.1109/CSFW.2001.930138

  5. Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and proVerif. Found. Trends® Priv. Secur. 1(1–2), 1–135 (2016). https://doi.org/10.1561/3300000004

    Article  Google Scholar 

  6. Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 2.00: automatic cryptographic protocol verifier, user manual and tutorial. Technical report (2018)

    Google Scholar 

  7. Chien, H.-Y., Huang, C.-W.: A lightweight RFID protocol using substring. In: Kuo, T.-W., Sha, E., Guo, M., Yang, L.T., Shao, Z. (eds.) EUC 2007. LNCS, vol. 4808, pp. 422–431. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77092-3_37

    Chapter  Google Scholar 

  8. Comon-Lundh, H., Delaune, S.: The finite variant property: how to get rid of some algebraic properties. In: Giesl, J. (ed.) RTA 2005. LNCS, vol. 3467, pp. 294–307. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-32033-3_22

    Chapter  Google Scholar 

  9. Cortier, V., Delaune, S., Lafourcade, P.: A survey of algebraic properties used in cryptographic protocols. J. Comput. Secur. 14(1), 1–43 (2006). https://doi.org/10.3233/jcs-2006-14101

    Article  Google Scholar 

  10. van Deursen, T., Radomirovic, S.: Attacks on RFID protocols. IACR Cryptology ePrint Archive 2008, 310 (2008). http://eprint.iacr.org/2008/310

  11. Dierks, T., Rescorla, E.: The transport layer security (TLS) protocol version 1.2. Technical report, August 2008. https://doi.org/10.17487/rfc5246

  12. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transact. Inf. Theory 29(2), 198–208 (1983). https://doi.org/10.1109/TIT.1983.1056650

    Article  MathSciNet  MATH  Google Scholar 

  13. Dreier, J., Hirschi, L., Radomirovic, S., Sasse, R.: Automated unbounded verification of stateful cryptographic protocols with exclusive or. In: 2018 IEEE 31st Computer Security Foundations Symposium (CSF), pp. 359–373, July 2018. https://doi.org/10.1109/CSF.2018.00033

  14. Escobar, S., Meadows, C., Meseguer, J.: Maude-NPA: cryptographic protocol analysis modulo equational properties. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) FOSAD 2007-2009. LNCS, vol. 5705, pp. 1–50. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03829-7_1

    Chapter  MATH  Google Scholar 

  15. Escobar, S., Meadows, C.A., Meseguer, J.: Maude-NPA, Version 3.1. Technical report (2017)

    Google Scholar 

  16. Kovács, L., Voronkov, A.: First-order theorem proving and Vampire. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 1–35. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_1

    Chapter  Google Scholar 

  17. Lowe, G.: A hierarchy of authentication specifications. In: Proceedings 10th Computer Security Foundations Workshop, pp. 31–43, June 1997. https://doi.org/10.1109/CSFW.1997.596782

  18. Lowe, G.: Breaking and fixing the Needham-Schroeder Public-Key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-61042-1_43

    Chapter  Google Scholar 

  19. Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_48

    Chapter  Google Scholar 

  20. Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978). https://doi.org/10.1145/359657.359659

    Article  MATH  Google Scholar 

  21. Reger, G.: Better proof output for vampire. In: Kovacs, L., Voronkov, A. (eds.) Proceedings of the 3rd Vampire Workshop, Vampire 2016. EPiC Series in Computing, vol. 44, pp. 46–60. EasyChair (2017). https://doi.org/10.29007/5dmz, https://easychair.org/publications/paper/1DlL

  22. Ryan, P., Schneider, S.: An attack on a recursive authentication protocol a cautionary tale. Inf. Process. Lett. 65(1), 7–10 (1998). https://doi.org/10.1016/S0020-0190(97)00180-4,. http://www.sciencedirect.com/science/article/pii/S0020019097001804

    Article  MATH  Google Scholar 

  23. Steel, G.: Deduction with XOR constraints in security API modelling. In: Nieuwenhuis, R. (ed.) CADE 2005. LNCS (LNAI), vol. 3632, pp. 322–336. Springer, Heidelberg (2005). https://doi.org/10.1007/11532231_24

    Chapter  Google Scholar 

  24. Sutcliffe, G.: The TPTP problem library and associated infrastructure. J. Autom. Reasoning 59(4), 483–502 (2017). https://doi.org/10.1007/s10817-017-9407-7

    Article  MATH  Google Scholar 

  25. Viganò, L.: Automated security protocol analysis with the AVISPA tool. Electron. Notes Theor. Comput. Sci. 155, 61–86 (2006). https://doi.org/10.1016/j.entcs.2005.11.052. http://www.sciencedirect.com/science/article/pii/S1571066106001897 proceedings of the 21st Annual Conference on Mathematical Foundations of Programming Semantics (MFPS XXI)

    Article  Google Scholar 

  26. Voronkov, A.: AVATAR: the architecture for first-order theorem provers. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 696–710. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08867-9_46

    Chapter  Google Scholar 

  27. Weidenbach, C., Dimova, D., Fietzke, A., Kumar, R., Suda, M., Wischnewski, P.: SPASS Version 3.5. In: Schmidt, R.A. (ed.) CADE 2009. LNCS (LNAI), vol. 5663, pp. 140–145. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02959-2_10

    Chapter  Google Scholar 

  28. Woo, T.Y.C., Lam, S.S.: Authentication for distributed systems. Computer 25(1), 39–52 (1992). https://doi.org/10.1109/2.108052

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Di Long Li .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, D.L., Tiu, A. (2019). Combining ProVerif and Automated Theorem Provers for Security Protocol Verification. In: Fontaine, P. (eds) Automated Deduction – CADE 27. CADE 2019. Lecture Notes in Computer Science(), vol 11716. Springer, Cham. https://doi.org/10.1007/978-3-030-29436-6_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-29436-6_21

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-29435-9

  • Online ISBN: 978-3-030-29436-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics