Abstract
As new Internet applications emerge, new security protocols and systems need to be designed and implemented. Unfortunately the current protocol design and implementation process is often ad-hoc and error prone. To solve this problem, we have designed and implemented a toolkit AGVI, Automatic Generation, Verification, and Implementation of Security Protocols. With AGVI, the protocol designer inputs the system specification (such as cryptographic key setup) and security requirements. AGVI will then automatically find the near-optimal protocols for the specific application, proves the correctness of the protocols and implement the protocols in Java. Our experiments have successfully generated new and even simpler protocols than the ones documented in the literature.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
J. Clark and J. Jacob. A survey of authentication protocol literature. http://www.cs.york.ac.uk/~jac/papers/drareview.ps.gz, 1997. Version 1.0.
E.M. Clarke, S. Jha, and W. Marrero. Using state space exploration and a natural deduction style message derivation engine to verify security protocols. In In Proceedings of the IFIP Working Conference on Programming Concepts and Methods (PROCOMET), 1998.
International Standards Organization. Entity Authentication Mechanisms Part 3: Entity authentication using symmetric techniques, 1993. ISO/IEC 9798.
C. Meadows. The NRL protocol analyzer: An overview. In Proceedings of the Second International Conference on the Practical Applications of Prolog, 1994.
J. Millen. The Interrogator model. In Proceedings of the 1995 IEEE Symposium on Security and Privacy, pages 251–260, 1995.
J. C. Mitchell, M. Mitchell, and U. Stern. Automated analysis of cryptographic protocols using murϕ. In Proceedings of the 1997 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 1997.
Adrian Perrig, Doantam Phan, and Dawn Xiaodong Song. ACG-automatic code generation. automatic implementation of a security protocol. Technical Report 00-1120, UC Berkeley, December 2000.
Adrian Perrig and Dawn Song. A first step towards the automatic generation of security protocols. In Network and Distributed System Security Symposium, February 2000.
Adrian Perrig and Dawn Xiaodong Song. Looking for diamonds in the dessert: Automatic security protocol generation for three-party authentication and key distribution. In Proc. of IEEE Computer Security Foundations Workshop CSFW 13, July 2000.
Dawn Song, Sergey Berezin, and Adrian Perrig. Athena, a new efficient automatic checker for security protocols. Submitted to Journal of Computer Security, 2000.
Dawn Song. Athena: An automatic checker for security protocol analysis. In Proceedings of the 12th Computer Science Foundation Workshop, 1999.
F. Javier Thayer, Jonathan C. Herzog, and Joshua D. Guttman. Strand spaces: Why is a security protocol correct? In Proceedings of 1998 IEEE Symposium on Security and Privacy, 1998.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Song, D., Perrig, A., Phan, D. (2001). AGVI — Automatic Generation, Verification, and Implementation of Security Protocols. In: Berry, G., Comon, H., Finkel, A. (eds) Computer Aided Verification. CAV 2001. Lecture Notes in Computer Science, vol 2102. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44585-4_21
Download citation
DOI: https://doi.org/10.1007/3-540-44585-4_21
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42345-4
Online ISBN: 978-3-540-44585-2
eBook Packages: Springer Book Archive