Advanced method for cryptographic protocol verification

Authors:
Nabil El Kadhi;Hazem El-Gendy
Affiliations:
14-16 rue voltaire 94270 Kremelin Bicetre, France;Ministry of Endownments of Egypt, 65 Al Answer Str., Mohandseen, Giza, Egypt. Tel.: +20 2 7607962/ Fax: +20 2 3369686/ Mobile: +20 101631692/ E-mail: H_ElGendy@masrawy.com
Venue:
Journal of Computational Methods in Sciences and Engineering - Selected papers from the International Conference on Computer Science, Software Engineering, Information Technology, e-Business, and Applications, 2004
Year:
2006

Citing 19
Cited 0

Compilers: principles, techniques, and tools

Compilers: principles, techniques, and tools
A protocol test generation procedure

Computer Networks and ISDN Systems
Formal Methods for Protocol Testing: A Detailed Study

IEEE Transactions on Software Engineering
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
The digital signature standard

Communications of the ACM
Message authentication with one-way hash functions

ACM SIGCOMM Computer Communication Review
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
An attack on the Needham-Schroeder public-key authentication protocol

Information Processing Letters
An approach to the formal verification of cryptographic protocols

CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Formal verification in a commercial setting

DAC '97 Proceedings of the 34th annual Design Automation Conference
A calculus for cryptographic protocols: the spi calculus

Proceedings of the 4th ACM conference on Computer and communications security
A new technique for generating protocol test

SIGCOMM '85 Proceedings of the ninth symposium on Data communications
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Testing Finite-State Machines: State Identification and Verification

IEEE Transactions on Computers
Secrecy by Typing inSecurity Protocols

TACS '97 Proceedings of the Third International Symposium on Theoretical Aspects of Computer Software
SG Logic- A Formal Analysis Technique for Authentication Protocols

Proceedings of the 5th International Workshop on Security Protocols
Proving Properties of Security Protocols by Induction

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Transformation of Lotos specifications to Estelle specifications

ISCC '97 Proceedings of the 2nd IEEE Symposium on Computers and Communications (ISCC '97)
Testing Software Design Modeled by Finite-State Machines

IEEE Transactions on Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Based on a previous work using abstract interpretation for secret property verification, we propose a new method for protocol verification combining abstract interpretation for Input/Output set description and finite state machine for property propagation and verification. Generating Input/Output set for FSM is a bit difficult specially when one want to apply such technique on cryptographic protocol implementation. It is true that one can verify protocol specification, but in such case one cannot discover any significant logical follows introduced by implementation. To overcome this, we develop a particular semantic defined for cryptographic protocol verification, that facilitates verifying or detecting a large set of faults and attacks. Faults and attacks will be described as scenarios with a set of preconditions and post conditions. The FSM based method is used to discover a transition is possible from an initial set (inputs) to a final state describing a fault or a global attack state. This semantic along with the model and the verification tool SSPV allow the prove of more key security properties.