Affiliation:
1. LITIO Lab., Université Oran1, Oran, Algeria
Abstract
Cryptographic protocols form the backbone of digital society. They are concurrent multiparty communication protocols that use cryptography to achieve security goals such as confidentiality, authenticity, integrity, etc., in the presence of adversaries. Unfortunately, protocol verification still represents a critical task and a major cost to engineer attack-free security protocols. Model checking and SAT-based techniques proved quite effective in this context. This article proposes an efficient automatic model checking approach that exemplifies a security property violation. In this approach, a protocol verification is abstracted as a compact planning problem, which is efficiently solved by a state-of-the-art SAT solver. The experiments performed on some real-world cryptographic protocols succeeded in detecting new logical attacks, violating some security properties. Those attacks encompass both “type flaw” and “replay” attacks, which are difficult to tackle with the existing planning-based approaches.
Reference27 articles.
1. Vérification des protocoles cryptographiques avec le langage PDDL et les solveurs SAT;N.Aribi;JFPC 2008 – Quatrièmes Journées Francophones de Programmation par Contraintes,2008
2. Armando, A., Carbone, R., & Compagna, L. (2014). SATMC: A SAT-Based Model Checker for Security-Critical Systems. In Tacas. Academic Press.
3. Model Checking Security Protocols
4. Ben, S. (2011). Formal verification of cryptographic protocols with automated reasoning. Unpublished doctoral dissertation, University of Birmingham.
5. An efficient cryptographic protocol verifier based on prolog rules