Skip to main content
SpringerLink
Log in

A BSP algorithm for on-the-fly checking CTL* formulas on security protocols

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

This paper presents a distributed (Bulk-Synchronous Parallel or bsp) algorithm to compute on-the-fly whether a structured model of a security protocol satisfies a ctl \(^*\) formula. Using the structured nature of the security protocols allows us to design a simple method to distribute the state space under consideration in a need-driven fashion. Based on this distribution of the states, the algorithm for logical checking of a ltl formula can be simplified and optimised allowing, with few tricky modifications, the design of an efficient algorithm for ctl \(^*\) checking. Some prototype implementations have been developed, allowing to run benchmarks to investigate the parallel behaviour of our algorithms.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22

Similar content being viewed by others

Notes

  1. More details on their modelling, semantics and attacks can be found in [6, 16].

References

  1. Armando A, Carbone R, Compagna L (2009) Ltl model checking for security protocols. Appl Non Class Log 19(4):403–429

    Article  MATH  MathSciNet  Google Scholar 

  2. Armando A, et al (2005) The AVISPA tool for the automated validation of Internet security protocols and applications. In: Etessami K, Rajamani SK (eds) Proceedings of Computer Aided Verification (CAV), LNCS. Springer, vol 3576, pp 281–285

  3. Backes M, Unruh D (2008) Theory and application of cryptology and information security (ASIACRYPT), LNCS. In: Pieprzyk J (ed) Limits of constructive security proofs. Springer, New York, pp 290–307

  4. Barnat J, Brim L, Cëerná I (2002) Property driven distribution of nested dfs. In: Leuschel M, Ultes-Nitsche U (eds) Workshop on verification and computational logic (VCL), vol DSSE-TR-2002-5, pp 1–10. Department of Electronics and Computer Science, University of Southampton (DSSE), UK, Technical Report

  5. Barnat J, Chaloupka J, Pol JVD (2011) Distributed algorithms for SCC decomposition. J Log Comput 21(1):23–44

    Article  MATH  Google Scholar 

  6. Basin D, Cremers C, Meadows C (2011) Model checking security protocols, chap 24. Springer, New York

    Google Scholar 

  7. Bhat G, Cleaveland R, Grumberg O (1995) Efficient on-the-fly model checking for ctl*. In: Proceedings of the 10th Annual IEEE Symposium on Logic in Computer Science (LICS). IEEE Computer Society, pp 388–398

  8. Bisseling RH (2004) Parallel scientific computation. A structured approach using BSP and MPI. Oxford University Press, Oxford

    MATH  Google Scholar 

  9. Blanchet B (2001) An efficient cryptographic protocol verifier based on Prolog rules. In: IEEE CSFW’01. IEEE Computer Society

  10. Blom S, Lisser B, van de Pol J, Weber M (2011) A database approach to distributed state-space generation. J Log Comput 21(1):45–62

    Article  MATH  Google Scholar 

  11. Boukala MC, Petrucci L (2012) Distributed model-checking and counterexample search for ctl logic. IJCCBS 3(1/2):44–59

    Article  Google Scholar 

  12. Brucker AD, Mödersheim S (2009) Integrating automated and interactive protocol verification. In: Formal Aspects in Security and Trust (FAST), LNCS, vol 5983. Springer, New York, pp 248–262

  13. Chaou S, Utard G, Pommereau F (2011) Evaluating a peer-to-peer storage system in presence of malicious peers. In: Smari WW, McIntire JP (eds) High performance computing and simulation (HPCS). IEEE, pp 419–426

  14. Christensen S, Kristensen LM, Mailund T (2001) A sweep-line method for state space exploration. In: Margaria T, Yi W (eds) Proceedings of Tools and Algorithms for the Construction and Analysis of Systems (TACAS), LNCS, vol 2031. Springer, New York, pp 450–464

  15. Ciardo G, Gluckman J, Nicol DM (1998) Distributed state space generation of discrete-state stochastic models. INFORMS J Computg 10(1):82–93

    Article  Google Scholar 

  16. Comon-Lundh H, Cortier V (2011) How to prove security of communication protocols? a discussion on the soundness of formal models w.r.t. computational ones. In: STACS, pp 29–44

  17. Cortier V, Degrieck J, Delaune S (2012) Principles of security and trust (POST), LNCS. In: Degano P, Guttman JD (eds) Analysing routing protocols: four nodes topologies are sufficient. Springer, New York, pp 30–50

    Google Scholar 

  18. Cremers CJF (2006) Scyther-semantics and verification of security protocols. Ph.D. thesis, Technische Universiteit Eindhoven

  19. Cremers JF, Lafourcade P, Nadeau P (2009) Comparing state spaces in automatic security protocol analysis. In: Formal to Practical Security, LNCS, vol 5458. Springer, New York, pp 70–94

  20. Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208

    Article  MATH  MathSciNet  Google Scholar 

  21. Evangelista S, Kristensen LM (2012) Application and theory of petri nets, LNCS. In: Haddad S, Pomello L (eds) Hybrid on-the-fly ltl model checking with the sweep-line method. Springer, New York, pp 248–267

    Google Scholar 

  22. Ezekiel J, Lüttgen G (2008) Measuring and evaluating parallel state-space exploration algorithms. Electron Notes Theor Comput Sci 198(1):47–61

    Article  Google Scholar 

  23. Fokkink W, Dashti MT, Wijs A (2010) Conference on Application of Concurrency to System Design (ACSD). In: Gomes L, Khomenko V, Fernandes JM (eds) Partial order reduction for branching security protocols. IEEE Computer Society, Portugal, pp 191–200

    Google Scholar 

  24. Garavel H, Mateescu R, Smarandache IM (2001) Proceedings of SPIN, LNCS. In: Dwyer MB (ed) Parallel state space construction for model-checking. Springer, New York, pp 217–234

    Google Scholar 

  25. Goranko V, Kyrilov A, Shkatov D (2010) Tableau tool for testing satisfiability in ltl: implementation and experimental analysis. Electron Notes Theor Comput Sci 262:113–125

    Article  MathSciNet  Google Scholar 

  26. Guedj M (2012) Bsp algorithms for ltl & ctl* model checking of security protocols. Ph.D. thesis, University of Paris-Est

  27. Hinsen K (2007) Parallel scripting with Python. Comput Sci Eng 9(6):82–89

    Google Scholar 

  28. Holzmann G, Peled D, Yannakakis M (1996) The spin verification system. On nested depth first search (extended abstract). American Mathematical Society, USA, pp 23–32

    Google Scholar 

  29. Inggs C, Barringer H, Nenadic A, Zhang N (2004) Model checking a security protocol. In: Southern African Telecommunications Network and Applications Conference (SATNAC)

  30. Inggs CP, Barringer H (2006) Ctl\(^{\text{* }}\) model checking on a shared-memory architecture. Form Methods Syst Des 29(2):135–155

    Article  MATH  Google Scholar 

  31. Losup A, Sonmez O, Anoep S, Epema D (2008) The performance of bags-of-tasks in large-scale distributed systems. In: Symposium on High performance distributed computing (HPDC). ACM, USA, pp 97–108

  32. Kremer S, Markowitch O, Zhou J (2002) An intensive survey of fair non-repudiation protocols. Comput Commun 25(17):1606–1621

    Article  Google Scholar 

  33. Kumar R, Mercer EG (2005) Load balancing parallel explicit state model checking. In: ENTCS, vol 128. Elsevier, Amsterdam, pp 19–34

  34. Lerda F, Sista R (1999) Proceedings of SPIN, no. 1680 in LNCS. In: Dams D, Gerth R, Leue S, Massink M (eds) Distributed-memory model checking with SPIN. Springer, New York, pp 22–39

    Google Scholar 

  35. Leucker M, Somla R, Weber M (2003) Parallel model checking for ltl, ctl*, l. Electron Notes Theor Comput Sci 1–1

  36. Margaria T, Steffen B (eds) (1996) Tools and algorithms for construction and analysis of systems (TACAS), LNCS. Breaking and fixing the needham-schroeder public-key protocol using fdr. Springer, New York, pp 147–166

  37. Maggi P, Sisto R (2002) Model Checking of Software (SPIN), LNCS. In: Bosnacki D, Leue S (eds) Using spin to verify security properties of cryptographic protocols. Springer, New York, pp 187–204

    Google Scholar 

  38. Mitchell JC, Mitchell M, Stern U (1997) Automated analysis of cryptographic protocols using murphi. In: IEEE Symposium on Security and Privacy. IEEE Computer Society, pp 141–151

  39. Orzan S, van de Pol J, Espada M (2005) A state space distributed policy based on abstract interpretation. In: ENTCS, vol 128. Elsevier, Amsterdam, pp 35–45

  40. Paulson LC (1998) The inductive approach to verifying cryptographic protocols. J Comput Secur 6(1–2):85–128

    Google Scholar 

  41. Petcu D (2003) Parallel explicit state reachability analysis and state space construction. In: Proceedings of ISPDC. IEEE Computer Society, pp 207–214

  42. Pommereau F (2010) Algebras of coloured petri nets. Lambert Academic Publisher, Germany (ISBN 978-3-8433-6113-2)

    Google Scholar 

  43. Stern U, Dill DL (2001) Parallelizing the murj verifier. Form Methods Syst Des 18(2):117–129

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LACL, University of Paris-East, Créteil, France

    Frédéric Gava & Michaël Guedj

  2. IBISC, University of Évry, Évry, France

    Franck Pommereau

Authors
  1. Frédéric Gava
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Franck Pommereau
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Michaël Guedj
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Frédéric Gava.

Electronic supplementary material

Below is the link to the electronic supplementary material.

Supplementary material 1 (ppt 491 KB)

Rights and permissions

Reprints and permissions

About this article

Cite this article

Gava, F., Pommereau, F. & Guedj, M. A BSP algorithm for on-the-fly checking CTL* formulas on security protocols. J Supercomput 69, 629–672 (2014). https://doi.org/10.1007/s11227-014-1099-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-014-1099-8

Keywords

Search

Navigation