Abstract
With the proliferation of universal clients over Internet, use of security protocols is rapidly on rise to minimize associated risks. Security protocols are required to be verified thoroughly before being used to secure applications. There are several approaches and tools exist to verify security protocols. Out of these one of the more suitable is the Formal approach. In this paper, we give an overview of different formal methods and tools available for security protocol verification.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi, M., Rogaway, P.: Reconciling two views of cryptography (the computational soundness of formal encryption). In: TCS 2000: Proceedings of the International Conference IFIP on Theoretical Computer Science, Exploring New Frontiers of Theoretical Informatics, pp. 3–22 (2000)
Juan Carlos, L.P., Monroy, R.: Formal support to security protocol development: A survey. Computacion y Sistemas 12(1), 89–108 (2008)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)
Gong, L., Needham, R., Yahalom, R.: Reasoning about belief in cryptographic protocols. In: IEEE Symposium on Security and Privacy, p. 234 (1990)
Brackin, S.H.: A hol extension of gny for automatically analyzing cryptographic protocols. In: CSFW 1996: Proceedings of the 9th IEEE Workshop on Computer Security Foundations, p. 62 (1996)
Chen, Q., Zhang, C., Zhang, S.: Overview of security protocol analysis. In: Chen, Q., Zhang, C., Zhang, S. (eds.) Secure Transaction Protocol Analysis. LNCS, vol. 5111, pp. 17–72. Springer, Heidelberg (2008)
Dolev, D., Yao, A.C.: On the security of public key protocols. In: Annual IEEE Symposium on Foundations of Computer Science, pp. 350–357 (1981)
Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Inf. Process. Lett. 56(3), 131–133 (1995)
Lowe, G.: Casper: A compiler for the analysis of security protocols. Journal of Computer Security, 53–84 (1998)
Basin, D.A., Mödersheim, S., Viganò, L.: Ofmc: A symbolic model checker for security protocols. Int. J. Inf. Sec. 4(3), 181–208 (2005)
Basin, D.A.: Lazy infinite-state analysis of security protocols. In: Proceedings of the International Exhibition and Congress on Secure Networking - CQRE (Secure) 1999, pp. 30–42 (1999)
Armando, A., Compagna, L.: Satmc: A sat-based model checker for security protocols. In: Alferes, J.J., Leite, J. (eds.) JELIA 2004. LNCS (LNAI), vol. 3229, pp. 730–733. Springer, Heidelberg (2004)
Boichut, Y., Heam, P.C., Kouchnarenko, O., Oehl, F.: Improvements on the Genet and Klay Technique to Automatically Verify Security Protocols. In: Proc. Int. Workshop on Automated Verification of Infinite-State Systems (AVIS 2004), joint to ETAPS 2004, pp. 1–11 (2004)
Vigan, L.: Automated security protocol analysis with the avispa tool. Electronic Notes in Theoretical Computer Science 155, 61–86 (2006)
Clark, J.A., Jacob, J.L.: A survey of authentication protocol literature. Technical Report 1.0 (1997)
Bozga, L., Lakhnech, Y., Périn, M.: Hermes: An automatic tool for verification of secrecy in security protocols. In: Hunt Jr., W.A., Somenzi, F. (eds.) CAV 2003. LNCS, vol. 2725, pp. 219–222. Springer, Heidelberg (2003)
Goubault-Larrecq, J.: A method for automatic cryptographic protocol verification. In: IPDPS 2000: Proceedings of the 15 IPDPS 2000 Workshops on Parallel and Distributed Processing, pp. 977–984 (2000)
Cortier, V.: A guide for securify. Technical Report 13 (2003)
Millen, J.K., Clark, S.C., Freeman, S.B.: The interrogator: Protocol secuity analysis. IEEE Trans. Softw. Eng. 13(2), 274–288 (1987)
Tarigan, A., Rechnernetze, A., Systeme, V., Bielefeld, U.: Survey in formal analysis of security properties of cryptographic protocol (2002)
Meadows, C.: The nrl protocol analyzer: An overview. The Journal of Logic Programming 26(2), 113–131 (1996)
Clarke, E.M., Jha, S., Marrero, W.R.: Verifying security protocols with brutus. ACM Trans. Softw. Eng. Methodol. 9(4), 443–487 (2000)
Mitchell, J.C., Mitchell, M., Stern, U.: Automated analysis of cryptographic protocols using murϕ. In: SP 1997: Proceedings of the 1997 IEEE Symposium on Security and Privacy, p. 141 (1997)
Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: CSFW 2001: Proceedings of the 14th IEEE Workshop on Computer Security Foundations, p. 82 (2001)
Cremers, C.: Scyther - Semantics and Verification of Security Protocols. Ph.D. dissertation, Eindhoven University of Technology (2006)
Song, D., Berezin, S., Perrig, A.: Athena: a novel approach to efficient automatic security protocol analysis. Journal of Computer Security 9, 2001 (2001)
Thayer Fbrega, F.J., Herzog, J.C., Guttman, J.D.: Strand spaces: Why is a security protocol correct? In: Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 160–171 (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Patel, R., Borisaniya, B., Patel, A., Patel, D., Rajarajan, M., Zisman, A. (2010). Comparative Analysis of Formal Model Checking Tools for Security Protocol Verification. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds) Recent Trends in Network Security and Applications. CNSA 2010. Communications in Computer and Information Science, vol 89. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14478-3_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-14478-3_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14477-6
Online ISBN: 978-3-642-14478-3
eBook Packages: Computer ScienceComputer Science (R0)