Strong invariants for the efficient construction of machine-checked protocol security proofs

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2010, Pages 231-245

  Meier, Simon ^a   Cremers, Cas ^a   Basin, David ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

Automatic tools; Formal methods; Security protocols; Theorem proving

Indexed keywords

AUTOMATIC PROOFS; AUTOMATIC TOOLS; CORRECTNESS PROOFS; EFFICIENT CONSTRUCTION; HUMAN-READABLE; INTERACTIVE THEOREM PROVER; ISABELLE/HOL; OPERATIONAL SEMANTICS; PROTOCOL SECURITY; SECURITY PROTOCOLS;

FORMAL METHODS; NETWORK PROTOCOLS; PROBLEM SOLVING; SECURITY SYSTEMS; THEOREM PROVING;

NETWORK SECURITY;

EID: 77957568200     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2010.23     Document Type: Conference Paper

References (37)

1. L. C. Paulson, "The inductive approach to verifying cryptographic protocols, " Journal of Computer Security, vol. 6, pp. 85-128, 1998.
2. T. Nipkow, L. C. Paulson, and M. Wenzel, Isabelle/HOL - A Proof Assistant for Higher-Order Logic, ser. Lecture Notes in Computer Science. Springer, 2002, vol. 2283.
3. L. C. Paulson, "Inductive analysis of the internet protocol TLS, " ACM Trans. Inf. Syst. Secur., vol. 2, no. 3, pp. 332- 351, 1999.
4. G. Bella and L. C. Paulson, "Kerberos version 4: Inductive analysis of the secrecy goals, " in ESORICS, ser. Lecture Notes in Computer Science, J.-J. Quisquater, Y. Deswarte, C. Meadows, and D. Gollmann, Eds., vol. 1485. Springer, 1998, pp. 361-375.
5. G. Bella, F. Massacci, and L. C. Paulson, "Verifying the SET purchase protocols, " J. Autom. Reasoning, vol. 36, pp. 5-37, 2006.
6. D. Song, S. Berezin, and A. Perrig, "Athena: A novel approach to efficient automatic security protocol analysis, " Journal of Computer Security, vol. 9, pp. 47-74, 2001.
7. B. Blanchet, "Automatic verification of correspondences for security protocols, " Journal of Computer Security, vol. 17, no. 4, pp. 363-434, 2009.
8. C. Cremers, "Unbounded verification, falsification, and characterization of security protocols by pattern refinement, " in CCS '08: Proceedings of the 15th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2008, pp. 119-128.
9. S. Berezin, "Model checking and theorem proving: a unified framework, " Ph.D. dissertation, Carnegie Mellon University, Jan. 2002.
10. -, "Extensions to Athena: Constraint satisfiability problem and new pruning theorems based on type system extensions for messages, " 2001, unpublished manuscript.[Online]. Available: http://www.sergeyberezin.com/papers/ athena-extensions.ps.
11. C. Cremers and S. Mauw, "Operational semantics of security protocols, " in Scenarios: Models, Transformations and Tools, International Workshop, Dagstuhl Castle, Germany, September 7-12, 2003, Revised Selected Papers, ser. Lecture Notes in Computer Science, S. Leue and T. Systä, Eds., vol. 3466. Springer, 2005.
12. A. Brucker and S. Mödersheim, "Integrating automated and interactive protocol verification, " in Workshop on Formal Aspects in Security and Trust (FAST 2009), P. Degano and J. Guttman, Eds., 2009.
13. J. Goubault-Larrecq, "Towards producing formally checkable security proofs, automatically, " in CSF. IEEE Computer Society, 2008, pp. 224-238.
14. F. Baader and T. Nipkow, Term rewriting and all that. New York, NY, USA: Cambridge University Press, 1998.
15. G. Lowe, "A hierarchy of authentication specifications, " in CSFW. IEEE Computer Society, 1997, pp. 31-44.
16. C. Cremers, S. Mauw, and E. de Vink, "Injective synchronisation: An extension of the authentication hierarchy, " Theor. Comput. Sci., vol. 367, pp. 139-161, 2006.
17. M. J. C. Gordon, "Mechanizing programming logics in higher order logic, " pp. 387-439, 1989.
18. J. Heather, G. Lowe, and S. Schneider, "How to prevent type flaw attacks on security protocols, " in CSFW, 2000, pp. 255- 268.
19. Y. Li, W. Yang, and C.-W. Huang, "On preventing type flaw attacks on security protocols with a simplified tagging scheme, " J. Inf. Sci. Eng., vol. 21, no. 1, pp. 59-84, 2005.
20. M. Arapinis and M. Duflot, "Bounding messages for free in security protocols, " in FSTTCS, ser. Lecture Notes in Computer Science, V. Arvind and S. Prasad, Eds., vol. 4855. Springer, 2007, pp. 376-387.
21. N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov, "Undecidability of bounded security protocols, " in Proceedings of the Workshop on Formal Methods and Security Protocols - FMSP, Trento, Italy, N. Heintze and E. Clarke, Eds., 1999.
22. M. Wenzel, L. C. Paulson, and T. Nipkow, "The Isabelle framework, " in TPHOLs, ser. Lecture Notes in Computer Science, O. A. Mohamed, C. Muñoz, and S. Tahar, Eds., vol. 5170. Springer, 2008, pp. 33-38.
23. "Source code of the Isabelle/HOL formalization and the automatic proof generation tool presented in this paper, " April 2010. [Online]. Available:https://www.infsec.ethz.ch/research/software.
24. L. C. Paulson, "Relations between secrets: Two formal analyses of the Yahalom protocol, " Journal of Computer Security, vol. 9, no. 3, pp. 197-216, 2001.
25. G. Bella, Formal Correctness of Security Protocols (Information Security and Cryptography). Secaucus, NJ, USA: Springer-Verlag New York, Inc., 2007.
26. H. Comon and V. Cortier, "Tree automata with one memory set constraints and cryptographic protocols, " Theor. Comput. Sci., vol. 331, no. 1, pp. 143-214, 2005.
27. F. Blanqui, "An Isabelle formalization of protocolindependent secrecy with an application to e-commerce, " CoRR, vol. abs/cs/0610069, 2006.
28. N. Evans and S. A. Schneider, "Verifying security protocols with PVS: widening the rank function approach, " J. Log. Algebr. Program., vol. 64, no. 2, pp. 253-284, 2005.
29. S. Schneider, "Verifying authentication protocols with CSP, " in CSFW, 1997, pp. 3-17.
30. B. Jacobs and I. Hasuo, "Semantics and logic for security protocols, " J. Comput. Secur., no. 6, pp. 909-944, 2009.
31. F. J. Thayer, J. C. Herzog, and J. D. Guttman, "Strand spaces: Proving security protocols correct, " Journal of Computer Security, vol. 7, no. 1, 1999.
32. J. D. Guttman, "Authentication tests and disjoint encryption: A design method for security protocols, " Journal of Computer Security, vol. 12, pp. 409-433, 2004.
33. J. Goubault-Larrecq, "Finite models for formal security proofs, " Journal of Computer Security, 2010, to appear.
34. S. Mödersheim and L. Viganò, "The Open-source Fixed-point Model Checker for symbolic analysis of security protocols, " in FOSAD, ser. Lecture Notes in Computer Science, A. Aldini, G. Barthe, and R. Gorrieri, Eds., vol. 5705. Springer, 2009, pp. 166-194.
35. "Protocol Composition Logic (PCL), " http://crypto.stanford. edu/protocols/.
36. S. Matsuo, K. Miyazaki, A. Otsuka, and D. Basin, "How to evaluate the security of real-life cryptographic protocols? the cases of ISO/IEC 29128 and CRYPTREC, " in Financial Cryptography, 2010, to appear.
37. S. F. Doghmi, J. D. Guttman, and F. J. Thayer, "Searching for shapes in cryptographic protocols, " in TACAS, ser. Lecture Notes in Computer Science, O. Grumberg and M. Huth, Eds., vol. 4424. Springer, 2007, pp. 523-537.