Abstractions for security protocol verification

Binh Thanh Nguyen; Christoph Sprenger; Cas Cremers

doi:10.3233/JCS-15769

Abstractions for security protocol verification

Binh Thanh Nguyen
, Christoph Sprenger
, Cas Cremers

Institute of Networks and Security

Research output: Contribution to journal › Article › peer-review

Abstract

We present a large class of security protocol abstractions with the aim of improving the scope and efficiency of verification tools. </span>We propose abstractions that transform a term\textquoterights structure based on its\ type as well as abstractions that remove atomic messages, variables, and redundant terms.\ Our theory improves on previous work by supporting rewrite theories with the finite-variant property, user-defined types, and untyped variables to cover type flaw attacks.\ We prove soundness results for an expressive property language that includes secrecy and authentication.\ Applying our abstractions to realistic IETF protocol models, we achieve dramatic speedups and extend the scope of several modern security protocol analyzers

Original language	English
Pages (from-to)	459–508
Number of pages	50
Journal	Journal of Computer Security
Volume	26
Issue number	4
DOIs	https://doi.org/10.3233/JCS-15769
Publication status	Published - 2018

Fields of science

102 Computer Sciences
102016 IT security

JKU Focus areas

Engineering and Natural Sciences (in general)

Access to Document

10.3233/JCS-15769

Cite this

@article{30751eceddad4168aedc08908adfaf28,

title = "Abstractions for security protocol verification",

abstract = "We present a large class of security protocol abstractions with the aim of improving the scope and efficiency of verification tools. We propose abstractions that transform a term\textbackslash{}textquoterights structure based on its\textbackslash{}\ type as well as abstractions that remove atomic messages, variables, and redundant terms.\textbackslash{}\ Our theory improves on previous work by supporting rewrite theories with the finite-variant property, user-defined types, and untyped variables to cover type flaw attacks.\textbackslash{}\ We prove soundness results for an expressive property language that includes secrecy and authentication.\textbackslash{}\ Applying our abstractions to realistic IETF protocol models, we achieve dramatic speedups and extend the scope of several modern security protocol analyzers",

author = "Nguyen, \{Binh Thanh\} and Christoph Sprenger and Cas Cremers",

year = "2018",

doi = "10.3233/JCS-15769",

language = "English",

volume = "26",

pages = "459–508",

journal = "Journal of Computer Security",

issn = "1875-8924",

publisher = "IOS Press",

number = "4",

}

TY - JOUR

T1 - Abstractions for security protocol verification

AU - Nguyen, Binh Thanh

AU - Sprenger, Christoph

AU - Cremers, Cas

PY - 2018

Y1 - 2018

N2 - We present a large class of security protocol abstractions with the aim of improving the scope and efficiency of verification tools. We propose abstractions that transform a term\textquoterights structure based on its\ type as well as abstractions that remove atomic messages, variables, and redundant terms.\ Our theory improves on previous work by supporting rewrite theories with the finite-variant property, user-defined types, and untyped variables to cover type flaw attacks.\ We prove soundness results for an expressive property language that includes secrecy and authentication.\ Applying our abstractions to realistic IETF protocol models, we achieve dramatic speedups and extend the scope of several modern security protocol analyzers

AB - We present a large class of security protocol abstractions with the aim of improving the scope and efficiency of verification tools. We propose abstractions that transform a term\textquoterights structure based on its\ type as well as abstractions that remove atomic messages, variables, and redundant terms.\ Our theory improves on previous work by supporting rewrite theories with the finite-variant property, user-defined types, and untyped variables to cover type flaw attacks.\ We prove soundness results for an expressive property language that includes secrecy and authentication.\ Applying our abstractions to realistic IETF protocol models, we achieve dramatic speedups and extend the scope of several modern security protocol analyzers

UR - https://content.iospress.com/journals/journal-of-computer-security/26/4

UR - https://www.scopus.com/pages/publications/85050384333

U2 - 10.3233/JCS-15769

DO - 10.3233/JCS-15769

M3 - Article

SN - 1875-8924

VL - 26

SP - 459

EP - 508

JO - Journal of Computer Security

JF - Journal of Computer Security

IS - 4

ER -

Abstractions for security protocol verification

Abstract

Fields of science

JKU Focus areas

Access to Document

Other files and links

Cite this