Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties

Author

Schmidt, Benedikt ; Meier, Sebastian ; Cremers, Cas ; Basin, David

Author_Institution

Inst. of Inf. Security, ETH Zurich, Zurich, Switzerland

fYear

2012

fDate

25-27 June 2012

Firstpage

78

Lastpage

94

Abstract

We present a general approach for the symbolic analysis of security protocols that use Diffie-Hellman exponentiation to achieve advanced security properties. We model protocols as multiset rewriting systems and security properties as first-order formulas. We analyze them using a novel constraint-solving algorithm that supports both falsification and verification, even in the presence of an unbounded number of protocol sessions. The algorithm exploits the finite variant property and builds on ideas from strand spaces and proof normal forms. We demonstrate the scope and the effectiveness of our algorithm on non-trivial case studies. For example, the algorithm successfully verifies the NAXOS protocol with respect to a symbolic version of the eCK security model.

Keywords

cryptographic protocols; Diffie-Hellman protocols; NAXOS protocol; advanced security properties; automated analysis; eCK security model; first-order formulas; multiset rewriting systems; novel constraint-solving algorithm; security protocols; Computational modeling; DH-HEMTs; Equations; Mathematical model; Protocols; Public key; Diffie-Hellman; Formal Methods for Security; Key Exchange Protocols; Security Models; Security Protocols;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Foundations Symposium (CSF), 2012 IEEE 25th

Conference_Location

Cambridge, MA

ISSN

1940-1434

Print_ISBN

978-1-4673-1918-8

Electronic_ISBN

1940-1434

Type

conf

DOI

10.1109/CSF.2012.25

Filename

6266153