Title :
Towards a completeness result for model checking of security protocols
Author_Institution :
Dept. of Math. & Comput. Sci., Leicester Univ., UK
Abstract :
Model checking approaches to the analysis of security protocols have proved remarkably successful. The basic approach is to produce a model of a small system running the protocol, together with a model of the most general intruder who can interact with the protocol, and then to use a state exploration tool to search for attacks. This has led to a number of new attacks upon protocols being discovered. However if no attack is found, this only tells one that there is no attack upon the small system modelled; there may be an attack upon some larger system. This is the question considered in the paper: the author presents sufficient conditions on the protocol and its environment such that if there is no attack upon a particular small system (with one honest agent for each role of the protocol) leading to a breach of secrecy (using a fairly strong definition of secrecy), then there is no attack on any larger system leading to a breach of secrecy (using a more general definition of secrecy)
Keywords :
protocols; security of data; attack search; completeness result; intruder; model checking; secrecy breach; security protocols; small system; state exploration tool; Authentication; Communication networks; Communication system control; Computer science; Computer security; Control systems; Information security; Mathematical model; Mathematics; Protocols;
Conference_Titel :
Computer Security Foundations Workshop, 1998. Proceedings. 11th IEEE
Conference_Location :
Rockport, MA
Print_ISBN :
0-8186-8488-7
DOI :
10.1109/CSFW.1998.683159
