Verifying security protocols by knowledge analysis

Authors:
Xiaoqi Ma;Xiaochun Cheng
Affiliations:
School of Systems Engineering, The University of Reading, UK.;Beijing Normal University, China/ The University of Reading, UK/ Middlesex University, UK
Venue:
International Journal of Security and Networks
Year:
2008

Citing 0
Cited 3

Wireless telemedicine and m-health: technologies, applications and research issues

International Journal of Sensor Networks
A survey of security visualization for computer network logs

Security and Communication Networks
A survey of cyber crimes

Security and Communication Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper describes a new interactive method to analyse knowledge of participants involved in security protocols and further to verify the correctness of the protocols. The method can detect attacks and flaws involving interleaving sessions besides normal attacks. The implementation of the method in a generic theorem proving environment, namely Isabelle, makes the verification of protocols mechanical and efficient; it can verify a medium-sized security protocol in less than ten seconds. As an example, the paper finds the flaw in the Needham-Schroeder public key authentication protocol and proves the secure properties and guarantees of the protocol with Lowe's fix to show the effectiveness of this method.