Modeling and Analysis of Security Protocols Using Role Based Specifications and Petri Nets

Authors:
Roland Bouroulet;Raymond Devillers;Hanna Klaudel;Elisabeth Pelz;Franck Pommereau
Affiliations:
LACL, Université Paris Est, Créteil F-94010;Département d'Informatique, CP212, Université Libre de Bruxelles,;IBISC, Université d'Evry, bd François Mitterrand, Evry F-91025;LACL, Université Paris Est, Créteil F-94010;LACL, Université Paris Est, Créteil F-94010
Venue:
PETRI NETS '08 Proceedings of the 29th international conference on Applications and Theory of Petri Nets
Year:
2008

Citing 24
Cited 3

An efficient and secure authentication protocol using uncertified keys

ACM SIGOPS Operating Systems Review
An attack on the Needham-Schroeder public-key authentication protocol

Information Processing Letters
A calculus for cryptographic protocols: the spi calculus

Proceedings of the 4th ACM conference on Computer and communications security
Communicating and mobile systems: the &pgr;-calculus

Communicating and mobile systems: the &pgr;-calculus
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Using encryption for authentication in large networks of computers

Communications of the ACM
Petri net algebra

Petri net algebra
Events in security protocols

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Protocol Verification as a Hardware Design Aid

ICCD '92 Proceedings of the 1991 IEEE International Conference on Computer Design on VLSI in Computer & Processors
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Modelling and Analyzing Cryprographic Protocols Using Petri Nets

ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Coloured Petri Nets Extended with Place Capacities, Test Arcs and Inhibitor Arcs

Proceedings of the 14th International Conference on Application and Theory of Petri Nets
Athena: a New Efficient Automatic Checker for Security Protocol Analysis

CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Authenticity by Typing for Security Protocols

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A game-based verification of non-repudiation and fair exchange protocols

Journal of Computer Security - IFIP 2000
Automated analysis of cryptographic protocols using Mur/spl phi/

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Analyzing security protocols with secrecy types and logic programs

Journal of the ACM (JACM)
A Computationally Sound Mechanized Prover for Security Protocols

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Modeling and verification of cryptographic protocols using coloured petri nets and design/CPN

Nordic Journal of Computing
Modelling and verification of authentication using enhanced net semantics of SPL (Security Protocol Language)

ACSD '06 Proceedings of the Sixth International Conference on Application of Concurrency to System Design
Computationally sound, automated proofs for security protocols

ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
High level petri nets analysis with helena

ICATPN'05 Proceedings of the 26th international conference on Applications and Theory of Petri Nets
The AVISPA tool for the automated validation of internet security protocols and applications

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Formal methods for cryptographic protocol analysis: emerging issues and trends

IEEE Journal on Selected Areas in Communications

Petri nets-based models for basic authentication procedure

COMATIA'10 Proceedings of the 2010 international conference on Communication and management in technological innovation and academic globalization
On-the-Fly trace generation and textual trace analysis and their applications to the analysis of cryptographic protocols

FMOODS'10/FORTE'10 Proceedings of the 12th IFIP WG 6.1 international conference and 30th IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
Attack trace generation of cryptographic protocols based on coloured Petri nets model

International Journal of Wireless and Mobile Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we introduce a framework composed of a syntax and its compositional Petri net semantics, for the specification and verification of properties (like authentication) of security protocols. The protocol agents (e.g., an initiator, a responder, a server, a trusted third party, ...) are formalized as roles, each of them having a predefined behavior depending on their global and also local knowledge (including for instance public, private and shared keys), and may interact in a potentially hostile environment.The main characteristics of our framework, is that it makes explicit, structured and formal, the usually implicit information necessary to analyse the protocol, for instance the public and private contextof execution. The roles and the environment are expressed using SPL processes and compositionally translated into high-level Petri nets, while the context specifying the global and local knowledge of the participants in the protocol is used to generate the corresponding initial marking (with respect to the studied property). Finally, this representation is used to analyse the protocol properties, applying techniques of simulation and model-checking on Petri nets. The complete approach is illustrated on the case study of the Kao-Chow authentication protocol.