基于插值的安全协议验证方法

J. Comput. Secur. Pub Date : 2017-08-24 DOI:10.3233/JCS-16832

M. Rocchetto, L. Viganò, Marco Volpe

{"title":"基于插值的安全协议验证方法","authors":"M. Rocchetto, L. Viganò, Marco Volpe","doi":"10.3233/JCS-16832","DOIUrl":null,"url":null,"abstract":"Interpolation has been successfully applied in formal methods for model checking and test-case generation for sequential programs. Security protocols, however, exhibit such idiosyncrasies that make them unsuitable to the direct application of interpolation. We address this problem and present an interpolation-based method for security protocol verification. Our method starts from a protocol specification and combines Craig interpolation, symbolic execution and the standard Dolev-Yao intruder model to search for possible attacks on the protocol. Interpolants are generated as a response to search failure in order to prune possible useless traces and speed up the exploration. We illustrate our method by means of concrete examples and discuss the results obtained by using a prototype implementation.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"An interpolation-based method for the verification of security protocols\",\"authors\":\"M. Rocchetto, L. Viganò, Marco Volpe\",\"doi\":\"10.3233/JCS-16832\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Interpolation has been successfully applied in formal methods for model checking and test-case generation for sequential programs. Security protocols, however, exhibit such idiosyncrasies that make them unsuitable to the direct application of interpolation. We address this problem and present an interpolation-based method for security protocol verification. Our method starts from a protocol specification and combines Craig interpolation, symbolic execution and the standard Dolev-Yao intruder model to search for possible attacks on the protocol. Interpolants are generated as a response to search failure in order to prune possible useless traces and speed up the exploration. We illustrate our method by means of concrete examples and discuss the results obtained by using a prototype implementation.\",\"PeriodicalId\":142580,\"journal\":{\"name\":\"J. Comput. Secur.\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"J. Comput. Secur.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.3233/JCS-16832\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"J. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/JCS-16832","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

插值已成功地应用于序列程序的模型检查和测试用例生成的形式化方法中。然而，安全协议表现出这样的特性，使它们不适合直接应用插值。我们解决了这个问题，并提出了一种基于插值的安全协议验证方法。我们的方法从协议规范出发，结合Craig插值、符号执行和标准的Dolev-Yao入侵者模型来搜索对协议可能的攻击。插值是作为对搜索失败的响应而生成的，目的是修剪可能无用的痕迹，加快搜索速度。我们通过具体的例子来说明我们的方法，并讨论了使用原型实现所得到的结果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

An interpolation-based method for the verification of security protocols

Interpolation has been successfully applied in formal methods for model checking and test-case generation for sequential programs. Security protocols, however, exhibit such idiosyncrasies that make them unsuitable to the direct application of interpolation. We address this problem and present an interpolation-based method for security protocol verification. Our method starts from a protocol specification and combines Craig interpolation, symbolic execution and the standard Dolev-Yao intruder model to search for possible attacks on the protocol. Interpolants are generated as a response to search failure in order to prune possible useless traces and speed up the exploration. We illustrate our method by means of concrete examples and discuss the results obtained by using a prototype implementation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

J. Comput. Secur.

自引率

0.00%

发文量

期刊最新文献

Data privacy in the Internet of Things based on anonymization: A review A mutation-based approach for the formal and automated analysis of security ceremonies StegEdge: Privacy protection of unknown sensitive attributes in edge intelligence via deception IsaNet: A framework for verifying secure data plane protocols A review on cloud security issues and solutions