A Verification Framework for Stateful Security Protocols

Li, Li; Dong, Naipeng; Pang, Jun; Sun, Jun; Bai, Guangdong; Liu, Yang; Dong, Jin Song

doi:10.1007/978-3-319-68690-5_16

View/Open

SunPUB2838.pdf (531.0Kb)

File version

Accepted Manuscript (AM)

Author(s)

Li, Li

Dong, Naipeng

Pang, Jun

Sun, Jun

Bai, Guangdong

Liu, Yang

Dong, Jin Song

Griffith University Author(s)

Dong, Jin-Song

Year published

2017

Metadata

Show full item record

Abstract

A long-standing research problem is how to efficiently verify security protocols with tamper-resistant global states, especially when the global states evolve unboundedly. We propose a protocol specification framework, which facilitates explicit modeling of states and state transformations. On the basis of that, we develop an algorithm for verifying security properties of protocols with unbounded state-evolving, by tracking state transformation and checking the validity of the state-evolving traces. We prove the correctness of the verification algorithm, implement both of the specification framework and the algorithm, and ...
View more >A long-standing research problem is how to efficiently verify security protocols with tamper-resistant global states, especially when the global states evolve unboundedly. We propose a protocol specification framework, which facilitates explicit modeling of states and state transformations. On the basis of that, we develop an algorithm for verifying security properties of protocols with unbounded state-evolving, by tracking state transformation and checking the validity of the state-evolving traces. We prove the correctness of the verification algorithm, implement both of the specification framework and the algorithm, and evaluate our implementation using a number of stateful security protocols. The experimental results show that our approach is both feasible and practically efficient. Particularly, we have found a security flaw on the digital envelope protocol, which cannot be detected with existing security protocol verifiers.
View less >

Journal Title

Lecture Notes in Computer Science

Volume

10610

DOI

https://doi.org/10.1007/978-3-319-68690-5_16

Copyright Statement

© 2017 Springer International Publishing AG. This is an electronic version of an article published in Lecture Notes In Computer Science (LNCS), Vol 10610 pp. 262-262, 2017. Lecture Notes In Computer Science (LNCS) is available online at: http://link.springer.com// with the open URL of your article.

Subject

Other information and computing sciences not elsewhere classified

Publication URI

http://hdl.handle.net/10072/370470

Collection

Journal articles