Skip to main content

Formal Verification of Security Protocols: ProVerif and Extensions

  • Conference paper
  • First Online:
Artificial Intelligence and Security (ICAIS 2022)

Abstract

Secure protocols are built on cryptographic algorithms, which provide a variety of secure services to realize secure communications in a network environment. To improve the quality of security protocols and ensure their reliability, sufficient verification and testing are required. ProVerif is a classic formal verification tool for security protocols, and we describe its working mechanism and verification process in detail. In this paper, we focus on ProVerif and extensions in the verification of security protocols. We introduce some representative solutions to illustrate verification with ProVerif. And we also introduce its extension tools for protocols with stateful properties, protocols with algebraic properties, and protocol implementations, then summarize the general method of ProVerif extension tools. Finally, we discuss possible future research points, including the extension of ProVerif for protocols that combined stateful and algebraic properties, verification of security applications in SDN networks, and building models from protocol implementations without source code.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Aizatulin, M., Gordon, A.D., Jürjens, J.: Extracting and verifying cryptographic models from c protocol code by symbolic execution. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 331–340 (2011)

    Google Scholar 

  2. Akhter, A., Shah, A., Ahmed, M., Moustafa, N., Cavusoglu, U., Zengin, A.: A secured message transmission protocol for vehicular ad hoc networks. Comput. Mater. Contin. 68(1), 229–246 (2021)

    Google Scholar 

  3. Arapinis, M., Ritter, E., Ryan, M.D.: StatVerif: verification of stateful processes. In: 2011 IEEE 24th Computer Security Foundations Symposium, pp. 33–47 (2011). https://doi.org/10.1109/CSF.2011.10

  4. Avalle, M., Pironti, A., Sisto, R., Pozza, D.: The Java SPI framework for security protocol implementation. In: 2011 Sixth International Conference on Availability, Reliability and Security, pp. 746–751 (2011). https://doi.org/10.1109/ARES.2011.117

  5. Bansal, C., Bhargavan, K., Maffeis, S.: Discovering concrete attacks on website authorization by formal analysis. In: 2012 IEEE 25th Computer Security Foundations Symposium, pp. 247–262 (2012). https://doi.org/10.1109/CSF.2012.27

  6. Bhargavan, K., Fournet, C., Gordon, A., Tse, S.: Verified interoperable implementations of security protocols. In: 19th IEEE Computer Security Foundations Workshop (CSFW 2006), pp. 14–152 (2006). https://doi.org/10.1109/CSFW.2006.32

  7. Bhargavan, K., Blanchet, B., Kobeissi, N.: Verified models and reference implementations for the TLS 1.3 standard candidate. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 483–502. IEEE (2017)

    Google Scholar 

  8. Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Found. Trends® Priv. Secur. 1(1–2), 1–135 (2016)

    Google Scholar 

  9. Blanchet, B.: Symbolic and computational mechanized verification of the arinc823 avionic protocols. In: 2017 IEEE 30th Computer Security Foundations Symposium (CSF), pp. 68–82 (2017). https://doi.org/10.1109/CSF.2017.7

  10. Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 2.02 pl1: automatic cryptographic protocol verifier, user manual and tutorial (2020)

    Google Scholar 

  11. Cheval, V., Cortier, V., Turuani, M.: A little more conversation, a little less action, a lot more satisfaction: global states in ProVerif. In: 2018 IEEE 31st Computer Security Foundations Symposium (CSF), pp. 344–358 (2018). https://doi.org/10.1109/CSF.2018.00032

  12. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

    Article  MathSciNet  Google Scholar 

  13. Edris, E.K.K., Aiash, M., Loo, J.: Formal verification of authentication and service authorization protocols in 5G-enabled device-to-device communications using ProVerif. Electronics 10(13), 1608 (2021)

    Article  Google Scholar 

  14. Elemam, E., Bahaa-Eldin, A.M., Shaker, N.H., Sobh, M.: Formal verification for a PMQTT protocol. Egypt. Inform. J. 21(3), 169–182 (2020)

    Article  Google Scholar 

  15. Feng, H., Li, H., Pan, X., Zhao, Z., Cactilab, T.: A formal analysis of the FIDO UAF protocol. In: Proceedings of the Network and Distributed Systems Security (NDSS) Symposium, pp. 1–15 (2021)

    Google Scholar 

  16. Goubault-Larrecq, J., Parrennes, F.: Cryptographic protocol analysis on real C code. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 363–379. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30579-8_24

    Chapter  Google Scholar 

  17. Guirat, I.B., Halpin, H.: Formal verification of the W3C web authentication protocol. In: 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, HoTSoS 2018, pp. 1–10. ACM (2018)

    Google Scholar 

  18. Han, S., et al.: Log-based anomaly detection with robust feature extraction and online learning. IEEE Trans. Inf. Forensics Secur. 16, 2300–2311 (2021). https://doi.org/10.1109/TIFS.2021.3053371

    Article  Google Scholar 

  19. Jayamala, R., Valarmathi, A.: An enhanced decentralized virtual machine migration approach for energy-aware cloud data centers. Intell. Autom. Soft Comput. 27(2), 347–358 (2021)

    Article  Google Scholar 

  20. Kobeissi, N., Nicolas, G., Bhargavan, K.: Noise explorer: fully automated modeling and verification for arbitrary noise protocols. In: 2019 IEEE European Symposium on Security and Privacy (EuroS P), pp. 356–370 (2019). https://doi.org/10.1109/EuroSP.2019.00034

  21. Küsters, R., Truderung, T.: Reducing protocol analysis with XOR to the XOR-free case in the horn theory based approach. J. Autom. Reason. 46(3–4), 325–352 (2011)

    Article  MathSciNet  Google Scholar 

  22. Küsters, R., Truderung, T.: Using ProVerif to analyze protocols with Diffie-Hellman exponentiation. In: 2009 22nd IEEE Computer Security Foundations Symposium, pp. 157–171 (2009). https://doi.org/10.1109/CSF.2009.17

  23. Lafourcade, P., Terrade, V., Vigier, S.: Comparison of cryptographic verification tools dealing with algebraic properties. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 173–185. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12459-4_13

    Chapter  Google Scholar 

  24. May, M.J., Lux, K.D., Gunter, C.A.: WSEmail: a retrospective on a system for secure internet messaging based on web services. arXiv preprint arXiv:1908.02108 (2019)

  25. Mödersheim, S., Bruni, A.: AIF-\(\omega \): set-based protocol abstraction with countable families. In: Piessens, F., Viganò, L. (eds.) POST 2016. LNCS, vol. 9635, pp. 233–253. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49635-0_12

    Chapter  Google Scholar 

  26. Qu, Z., Wu, S., Liu, W., Wang, X.: Analysis and improvement of steganography protocol based on bell states in noise environment. Comput. Mater. Contin. 59(2), 607–624 (2019)

    Google Scholar 

  27. Li, D.L., Tiu, A.: Combining ProVerif and automated theorem provers for security protocol verification. In: Fontaine, P. (ed.) CADE 2019. LNCS (LNAI), vol. 11716, pp. 354–365. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29436-6_21

    Chapter  Google Scholar 

  28. Zhang, H., et al.: Da&fd-deadline-aware and flow duration-based rate control for mixed flows in DCNs. IEEE/ACM Trans. Netw. 27(6), 2458–2471 (2019). https://doi.org/10.1109/TNET.2019.2951925

    Article  Google Scholar 

  29. Zhang, J., Yang, L., Cao, W., Wang, Q.: Formal analysis of 5G EAP-TLS authentication protocol using ProVerif. IEEE Access 8, 23674–23688 (2020). https://doi.org/10.1109/ACCESS.2020.2969474

    Article  Google Scholar 

Download references

Acknowledgement

This work was supported by the Hainan Provincial Natural Science Foundation of China (620RC562, 2019RC096, 620RC560), the Scientific Research Setup Fund of Hainan University (KYQD(ZR)1877), the Program of Hainan Association for Science and Technology Plans to Youth R&D Innovation (QCXM201910), and the National Natural Science Foundation of China (61802092, 62162021).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Deshun Li .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yao, J., Xu, C., Li, D., Lin, S., Cao, X. (2022). Formal Verification of Security Protocols: ProVerif and Extensions. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2022. Lecture Notes in Computer Science, vol 13339. Springer, Cham. https://doi.org/10.1007/978-3-031-06788-4_42

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-06788-4_42

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-06787-7

  • Online ISBN: 978-3-031-06788-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics