Abstract
Secure protocols are built on cryptographic algorithms, which provide a variety of secure services to realize secure communications in a network environment. To improve the quality of security protocols and ensure their reliability, sufficient verification and testing are required. ProVerif is a classic formal verification tool for security protocols, and we describe its working mechanism and verification process in detail. In this paper, we focus on ProVerif and extensions in the verification of security protocols. We introduce some representative solutions to illustrate verification with ProVerif. And we also introduce its extension tools for protocols with stateful properties, protocols with algebraic properties, and protocol implementations, then summarize the general method of ProVerif extension tools. Finally, we discuss possible future research points, including the extension of ProVerif for protocols that combined stateful and algebraic properties, verification of security applications in SDN networks, and building models from protocol implementations without source code.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Aizatulin, M., Gordon, A.D., Jürjens, J.: Extracting and verifying cryptographic models from c protocol code by symbolic execution. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 331–340 (2011)
Akhter, A., Shah, A., Ahmed, M., Moustafa, N., Cavusoglu, U., Zengin, A.: A secured message transmission protocol for vehicular ad hoc networks. Comput. Mater. Contin. 68(1), 229–246 (2021)
Arapinis, M., Ritter, E., Ryan, M.D.: StatVerif: verification of stateful processes. In: 2011 IEEE 24th Computer Security Foundations Symposium, pp. 33–47 (2011). https://doi.org/10.1109/CSF.2011.10
Avalle, M., Pironti, A., Sisto, R., Pozza, D.: The Java SPI framework for security protocol implementation. In: 2011 Sixth International Conference on Availability, Reliability and Security, pp. 746–751 (2011). https://doi.org/10.1109/ARES.2011.117
Bansal, C., Bhargavan, K., Maffeis, S.: Discovering concrete attacks on website authorization by formal analysis. In: 2012 IEEE 25th Computer Security Foundations Symposium, pp. 247–262 (2012). https://doi.org/10.1109/CSF.2012.27
Bhargavan, K., Fournet, C., Gordon, A., Tse, S.: Verified interoperable implementations of security protocols. In: 19th IEEE Computer Security Foundations Workshop (CSFW 2006), pp. 14–152 (2006). https://doi.org/10.1109/CSFW.2006.32
Bhargavan, K., Blanchet, B., Kobeissi, N.: Verified models and reference implementations for the TLS 1.3 standard candidate. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 483–502. IEEE (2017)
Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Found. Trends® Priv. Secur. 1(1–2), 1–135 (2016)
Blanchet, B.: Symbolic and computational mechanized verification of the arinc823 avionic protocols. In: 2017 IEEE 30th Computer Security Foundations Symposium (CSF), pp. 68–82 (2017). https://doi.org/10.1109/CSF.2017.7
Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 2.02 pl1: automatic cryptographic protocol verifier, user manual and tutorial (2020)
Cheval, V., Cortier, V., Turuani, M.: A little more conversation, a little less action, a lot more satisfaction: global states in ProVerif. In: 2018 IEEE 31st Computer Security Foundations Symposium (CSF), pp. 344–358 (2018). https://doi.org/10.1109/CSF.2018.00032
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
Edris, E.K.K., Aiash, M., Loo, J.: Formal verification of authentication and service authorization protocols in 5G-enabled device-to-device communications using ProVerif. Electronics 10(13), 1608 (2021)
Elemam, E., Bahaa-Eldin, A.M., Shaker, N.H., Sobh, M.: Formal verification for a PMQTT protocol. Egypt. Inform. J. 21(3), 169–182 (2020)
Feng, H., Li, H., Pan, X., Zhao, Z., Cactilab, T.: A formal analysis of the FIDO UAF protocol. In: Proceedings of the Network and Distributed Systems Security (NDSS) Symposium, pp. 1–15 (2021)
Goubault-Larrecq, J., Parrennes, F.: Cryptographic protocol analysis on real C code. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 363–379. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30579-8_24
Guirat, I.B., Halpin, H.: Formal verification of the W3C web authentication protocol. In: 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, HoTSoS 2018, pp. 1–10. ACM (2018)
Han, S., et al.: Log-based anomaly detection with robust feature extraction and online learning. IEEE Trans. Inf. Forensics Secur. 16, 2300–2311 (2021). https://doi.org/10.1109/TIFS.2021.3053371
Jayamala, R., Valarmathi, A.: An enhanced decentralized virtual machine migration approach for energy-aware cloud data centers. Intell. Autom. Soft Comput. 27(2), 347–358 (2021)
Kobeissi, N., Nicolas, G., Bhargavan, K.: Noise explorer: fully automated modeling and verification for arbitrary noise protocols. In: 2019 IEEE European Symposium on Security and Privacy (EuroS P), pp. 356–370 (2019). https://doi.org/10.1109/EuroSP.2019.00034
Küsters, R., Truderung, T.: Reducing protocol analysis with XOR to the XOR-free case in the horn theory based approach. J. Autom. Reason. 46(3–4), 325–352 (2011)
Küsters, R., Truderung, T.: Using ProVerif to analyze protocols with Diffie-Hellman exponentiation. In: 2009 22nd IEEE Computer Security Foundations Symposium, pp. 157–171 (2009). https://doi.org/10.1109/CSF.2009.17
Lafourcade, P., Terrade, V., Vigier, S.: Comparison of cryptographic verification tools dealing with algebraic properties. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 173–185. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12459-4_13
May, M.J., Lux, K.D., Gunter, C.A.: WSEmail: a retrospective on a system for secure internet messaging based on web services. arXiv preprint arXiv:1908.02108 (2019)
Mödersheim, S., Bruni, A.: AIF-\(\omega \): set-based protocol abstraction with countable families. In: Piessens, F., Viganò, L. (eds.) POST 2016. LNCS, vol. 9635, pp. 233–253. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49635-0_12
Qu, Z., Wu, S., Liu, W., Wang, X.: Analysis and improvement of steganography protocol based on bell states in noise environment. Comput. Mater. Contin. 59(2), 607–624 (2019)
Li, D.L., Tiu, A.: Combining ProVerif and automated theorem provers for security protocol verification. In: Fontaine, P. (ed.) CADE 2019. LNCS (LNAI), vol. 11716, pp. 354–365. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29436-6_21
Zhang, H., et al.: Da&fd-deadline-aware and flow duration-based rate control for mixed flows in DCNs. IEEE/ACM Trans. Netw. 27(6), 2458–2471 (2019). https://doi.org/10.1109/TNET.2019.2951925
Zhang, J., Yang, L., Cao, W., Wang, Q.: Formal analysis of 5G EAP-TLS authentication protocol using ProVerif. IEEE Access 8, 23674–23688 (2020). https://doi.org/10.1109/ACCESS.2020.2969474
Acknowledgement
This work was supported by the Hainan Provincial Natural Science Foundation of China (620RC562, 2019RC096, 620RC560), the Scientific Research Setup Fund of Hainan University (KYQD(ZR)1877), the Program of Hainan Association for Science and Technology Plans to Youth R&D Innovation (QCXM201910), and the National Natural Science Foundation of China (61802092, 62162021).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Yao, J., Xu, C., Li, D., Lin, S., Cao, X. (2022). Formal Verification of Security Protocols: ProVerif and Extensions. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2022. Lecture Notes in Computer Science, vol 13339. Springer, Cham. https://doi.org/10.1007/978-3-031-06788-4_42
Download citation
DOI: https://doi.org/10.1007/978-3-031-06788-4_42
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-06787-7
Online ISBN: 978-3-031-06788-4
eBook Packages: Computer ScienceComputer Science (R0)