Verification of security protocols using LOTOS-method and application

Authors:
G. Leduc;F. Germeau
Affiliations:
Research Unit in Networking (RUN), Institut Montefiore B28, University of Liège, B-4000 Liege, Belgium;Research Unit in Networking (RUN), Institut Montefiore B28, University of Liège, B-4000 Liege, Belgium
Venue:
Computer Communications
Year:
2000

Citing 12
Cited 4

The Interrogator: Protocol Secuity Analysis

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Introduction to the ISO specification language LOTOS

Computer Networks and ISDN Systems - Special Issue: Protocol Specification and Testing
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
An approach to the formal verification of cryptographic protocols

CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
A calculus for cryptographic protocols: the spi calculus

Proceedings of the 4th ACM conference on Computer and communications security
Using CSP to Detect Errors in the TMN Protocol

IEEE Transactions on Software Engineering
Verifying Authentication Protocols in CSP

IEEE Transactions on Software Engineering
Model-Based Verification of a Security Protocol for Conditional Access to Services

Formal Methods in System Design
A Computer Aided Design of a Secure Registration Protocol

FORTE X / PSTV XVII '97 Proceedings of the IFIP TC6 WG6.1 Joint International Conference on Formal Description Techniques for Distributed Systems and Communication Protocols (FORTE X) and Protocol Specification, Testing and Verification (PSTV XVII)
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
A Semantic Model for Authentication Protocols

SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
On the security of public key protocols

IEEE Transactions on Information Theory

Analysis of security protocols as open systems

Theoretical Computer Science
Symbolic Semantics and Analysis for Crypto-CCS with (Almost) Generic Inference Systems

MFCS '02 Proceedings of the 27th International Symposium on Mathematical Foundations of Computer Science
Analysis of a Security Protocol in µCRL

ICFEM '02 Proceedings of the 4th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
Automated Security Protocol Analysis With the AVISPA Tool

Electronic Notes in Theoretical Computer Science (ENTCS)

Quantified Score

Hi-index	0.25

Visualization

Abstract

We explain how the formal language LOTOS can be used to specify security protocols and cryptographic operations. We describe how security properties can be modelled as safety properties and how a model-based verification method can be used to verify the robustness of a protocol against attacks of an intruder. We illustrate our technique on a concrete registration protocol. We find an attack, correct the protocol, propose a simpler yet secure protocol, and finally a more sophisticated protocol that allows a better discrimination between intruder's attacks and classical protocol errors.