LTL model checking for security protocols

Journal of Applied Non-Classical Logics

Volumn 19, Issue 4, 2009, Pages 403-429

  Armando, Alessandro ^a   Carbone, Roberto ^a   Compagna, Luca ^b  

^a UNIVERSITY OF GENOA   (Italy)

^b SAP Research   (France)

Author keywords

Abstract Communication Channels; Asw; Bounded Model Checking; Ltl; Multi Set Rewriting; Sat Based Model Checking; Security Protocols

Indexed keywords

EID: 84887471494     PISSN: 11663081     EISSN: 19585780     Source Type: Journal    
DOI: 10.3166/jancl.19.403-429     Document Type: Article

References (36)

1. Abadi M., Fournet C., Gonthier G., "Secure Implementation of Channel Abstractions", LICS, pp. 105-116, 1998
2. Armando A., Basin D., Boichut Y., Chevalier Y., Compagna L., Cuellar J., Hankes Drielsma P., Heám P.-C., Mantovani J., Mödersheim S., von Oheimb D., Rusinowitch M., Santiago J., Turuani M., Viganò L., Vigneron L., "The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications", Proceedings of the 17th International Conference on Computer Aided Verification (CAV?05), Springer-Verlag, 2005. Available at www.avispa-project.org
3. Armando A., Carbone R., Compagna L., Cuellar J., Abad L. T., "Formal Analysis of SAML 2.0 Web Browser Single Sign-On: Breaking the SAML-based Single Sign-On for Google Apps", in V. Shmatikov (ed.), Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008), ACM Press, pp. 1-10, 2008
4. Armando A., Compagna L., "Automatic SAT-Compilation of Protocol Insecurity Problems via Reduction to Planning", in D. Peled, M. Vardi (eds), Proceedings of 22nd IFIP WG 6.1 International Conference on Formal Techniques for Networked and Distributed Systems (FORTE), LNCS 2529, Springer-Verlag, pp. 210-225, 2002. Also presented at the FCS & Verify Workshops, Copenhagen, Denmark, July 2002. Available at www. avispa-project.org
5. Armando A., Compagna L., "SATMC: a SAT-based Model Checker for Security Protocols", Proceedings of the 9th European Conference on Logics in Artificial Intelligence (JELIA?04), vol. 3229 of LNAI, Springer-Verlag, Lisbon, Portugal, pp. 730-733, 2004
6. Armando A., Compagna L., "SAT-based Model-Checking for Security Protocols Analysis", International Journal of Information Security (to appear on), 2007. Available at http://www.ai-lab.it/compagna/papers/IJIS-2006/ paper.pdf
7. Armando A., Compagna L., Ganty P., "SAT-based Model-Checking of Security Protocols using Planning Graph Analysis", in K. Araki, S. Gnesi, D. Mandrioli (eds), Proceedings of the 12th International Symposium of Formal Methods Europe (FME), LNCS 2805, Springer- Verlag, pp. 875-893, 2003. Available at www.avispa-project.org
8. Asokan N., Shoup V., Waidner M., "Asynchronous protocols for optimistic fair exchange", Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 86-99, 1998
9. Basin D., "Lazy Infinite-State Analysis of Security Protocols", in R. Baumgart (ed.), Secure Networking - CQRE (Secure)?99, LNCS 1740, Springer-Verlag, pp. 30-42, 1999
10. Basin D., Mödersheim S., Viganò L., "Algebraic Intruder Deductions", in G. Sutcliffe, A. Voronkov (eds), Proceedings of LPAR?05, LNAI 3835, Springer, pp. 549-564, 2005
11. Biere A., Cimatti A., Clarke E., Zhu Y., "Symbolic Model Checking without BDDs", Proceedings of TACAS?99, LNCS 1579, Springer-Verlag, pp. 193-207, 1999
12. Carbone R., LTL Model-Checking for Security Protocols, Phd, Università degli Studi di Genova, Italy, 2009
13. Cederquist J., Dashti M. T., "An intruder model for verifying liveness in security protocols", in M. Winslett, A. D. Gordon, D. Sands (eds), FMSE, ACM, pp. 23-32, 2006
14. Cervesato I., Durgin N., Lincoln P., Mitchell J., Scedrov A., "A meta-notation for protocol analysis", Proceedings of the 12th IEEE Computer Security Foundations Workshop: CSFW?99, IEEE Computer Society Press, pp. 55-69, 1999
15. Chevalier Y., Küsters R., Rusinowitch M., Turuani M., "An NP Decision Procedure for Protocol Insecurity with XOR", Proceedings of the Logic In Computer Science Conference, LICS?03, pp. 261-270, 2003. Available at http://www.avispa-project.org
16. Clark J., Jacob J., "A Survey of Authentication Protocol Literature: Version 1.0, 17. Nov. 1997", n.d., URL: www.cs.york.ac.uk/~jac/papers/ drareview.ps.gz.
17. Cohen E., "Proving Protocols Safe from Guessing", Proceedings of Foundations of Computer Security 2002, pp. 85-92, 2002
18. Comon-Lundh H., Delaune S., "The finite variant property: How to get rid of some algebraic properties", in J. Giesl (ed.), Proceedings of the 16th International Conference on Rewriting Techniques and Applications (RTA?05), vol. 3467 of Lecture Notes in Computer Science, Springer, Nara, Japan, pp. 294-307, April, 2005
19. Corin R., Etalle S., Saptawijaya A., "A Logic for Constraint-based Security Protocol Analysis", IEEE Symposium on Security and Privacy, 2006
20. Dilloway C., Lowe G., "On the Specification of Secure Channels", Proceedings of theWorkshop on Issues in the Theory of Security (WITS ?07), 2007
21. Dolev D., Yao A., "On the Security of Public-Key Protocols", IEEE Transactions on Information Theory, 1983
22. Drielsma P. H., Mödersheim S., Viganò L., Basin D. A., "Formalizing and Analyzing Sender Invariance", in T. Dimitrakos, F. Martinelli, P. Y. A. Ryan, S. A. Schneider (eds), Formal Aspects in Security and Trust, vol. 4691 of Lecture Notes in Computer Science, Springer, pp. 80-95, 2006
23. Gross T., Pfitzmann B., Sadeghi A.-R., "Browser Model for Security Analysis of Browser-Based Protocols", Proceedings of the Eight ESORICS, vol. 3679 of Lecture Notes in Computer Science, Springer-Verlag, Berlin Germany, October, 2005
24. Hankes Drielsma P., Mödersheim S., "The ASW Protocol Revisited: A Unified View", Proceedings of the IJCAR04 Workshop ARSPA, 2004. To appear in ENTCS, available at http://www.avispa-project.org
25. Hankes Drielsma P., Mödersheim S., Viganò L., "A Formalization of Off-Line Guessing for Security Protocol Analysis", in F. Baader, A. Voronkov (eds), Proceedings of LPAR?04, vol. 3452 of LNAI, Springer, pp. 363-379, 2005
26. Jacquemard F., Rusinowitch M., Vigneron L., "Compiling and Verifying Security Protocols", in M. Parigot, A. Voronkov (eds), Proceedings of LPAR 2000, LNCS 1955, Springer-Verlag, pp. 131-160, 2000
27. Kähler D., Küsters R., Truderung T., Infinite State AMC-Model Checking for Cryptographic Protocols, Technical Report num. 0702, Institut für Informatik, CAU Kiel, Germany, 2007a.
28. Kähler D., Küsters R., Truderung T., "Infinite State AMC-Model Checking for Cryptographic Protocols", Proceedings of the Twenty-Second Annual IEEE Symposium on Logic in Computer Science (LICS 2007), IEEE, Computer Society Press, pp. 181-190, 2007b
29. Klay F., Vigneron L., "Automatic Methods for Analyzing Non-Repudiation Protocols with an Active Intruder", in P. Degano, J. Guttman, F. Martinelli (eds), 5th International Workshop on Formal Aspects in Security and Trust (FAST), pp. 165-180, 2008. To appear as LNCS
30. Lowe G., "Analysing protocols subject to guessing attacks", in J. Guttman (ed.), Workshop on Issues in the Theory of Security (WITS?02), Portland, Oregon, USA, January, 2002
31. Maurer U. M., Schmid P. E., "A Calculus for Security Bootstrapping in Distributed Systems", Journal of Computer Security, vol. 4, num. 1, pp. 55-80, 1996
32. Meadows C., "The NRL Protocol Analyzer: An Overview", Journal of Logic Programming, vol. 26, num. 2, pp. 113-131, 1996. See http://chacs.nrl.navy.mil/projects/crypto.html
33. Millen J. K., Shmatikov V., "Constraint solving for bounded-process cryptographic protocol analysis", Proceedings of the ACM Conference on Computer and Communications Security CCS?01, pp. 166-175, 2001
34. Mödersheim S., Viganò L., Secure Pseudonymous Channels, Technical Report num. RZ3724, IBM Zurich Research Lab, 2008. domino.research.ibm.com/library/cyberdig. nsf
35. Raskin J., Kremer S., "Game Analysis of Abuse-free Contract Signing", 15th IEEE Computer Security Foundations Workshop, IEEE Computer Society Press, pp. 206-220, June, 2002
36. Shmatikov V., Mitchell J. C., "Finite-state analysis of two contract signing protocols", Theoretical Computer Science, vol. 283, num. 2, pp. 419-450, 2002