Integrating proof-based and model-checking techniques for the formal verification of cryptographic protocols

To assess the quality and security of cryptographic protocols, we use various formal verification tools, such as Scyther tool, Avispa, ProVerif. these formal verifiers can check the protocol for vulnerability to attacks on secrecy and authentication, as these are the most prevalent attacks on protocols. However, this is not enough to fully analyze the security of the protocol. In this article, we will use linear temporal logic (LTL) model checking with SPIN. This tool, unlike the formal verifiers listed above, is not designed for a specific application in the context of cryptographic protocols; however, it has a very wide range of possibilities. In particular, for each security property, it is possible to describe the behavior of an attacker and test for the stability of the protocol model to its various attacks. The purpose of this work is to describe the developed methodology for verifying the security of authentication properties using the SPIN verifier.

Download Full-text

Memory models for the formal verification of assembler code using bounded model checking

Seventh IEEE International Symposium onObject-Oriented Real-Time Distributed Computing, 2004. Proceedings. ◽

10.1109/isorc.2004.1300338 ◽

2004 ◽

Cited By ~ 1

Author(s):

W. Ecker ◽

V. Esen ◽

T. Steininger ◽

M. Zambaldi

Keyword(s):

Model Checking ◽

Formal Verification ◽

Bounded Model Checking ◽

Memory Models ◽

Assembler Code

Download Full-text

Model Checking Cryptographic Protocols with Interval Temporal Logic

Journal of Convergence Information Technology ◽

10.4156/jcit.vol5.issue10.19 ◽

2010 ◽

Vol 5 (10) ◽

pp. 149-158

Author(s):

Rui Yang ◽

Xiaoju Ning

Keyword(s):

Model Checking ◽

Temporal Logic ◽

Cryptographic Protocols ◽

Interval Temporal Logic

Download Full-text

A Methodology for Automatic Formal Verification of Enterprise Architecture

International Journal of Information System Modeling and Design ◽

10.4018/ijismd.2019010101 ◽

2019 ◽

Vol 10 (1) ◽

pp. 1-19

Author(s):

Eduard Babkin ◽

Pavel Malyzhenkov ◽

Marina Ivanova ◽

Nikita Ponomarev

Keyword(s):

Model Checking ◽

Formal Verification ◽

Iterative Process ◽

Enterprise Architecture ◽

Description Language ◽

Architecture Description Language ◽

Business Modeling ◽

Business Alignment ◽

Architecture Description ◽

Software Prototype

For over a decade, IT-business alignment has been ranked as a top-priority management concern, but there is little research on practical ways to achieve the alignment. EA development is a continuous iterative process, which implicitly ensures the achievement of a specific IT-business alignment level. Therefore, it is necessary to formalize the requirements for architecture and be able to automatically verify them. The authors propose a new methodology for detecting logical contradictions in enterprise architecture models based on a model checking approach adopted in the context of business modeling. In such a methodology, they use ArchiMate standard for a conceptual enterprise architecture description language which is fully aligned with TOGAF. The authors also offer several important verification queries and demonstrate practical applicability of their approach using a software prototype of the modeling tool which exploits MIT Alloy Analyzer model checking framework integrated with AchiMate Archi workbench.

Download Full-text

Formal verification of PAP and EAP-MD5 protocols in wireless networks : GDR model checking

18th International Conference on Advanced Information Networking and Applications, 2004. AINA 2004. ◽

10.1109/aina.2004.1283800 ◽

2004 ◽

Cited By ~ 3

Author(s):

Il-Gon Kim ◽

Jin-Young Choi

Keyword(s):

Wireless Networks ◽

Model Checking ◽

Formal Verification

Download Full-text

System Level Formal Verification via Model Checking Driven Simulation

Computer Aided Verification - Lecture Notes in Computer Science ◽

10.1007/978-3-642-39799-8_21 ◽

2013 ◽

pp. 296-312 ◽

Cited By ~ 9

Author(s):

Toni Mancini ◽

Federico Mari ◽

Annalisa Massini ◽

Igor Melatti ◽

Fabio Merli ◽

...

Keyword(s):

Model Checking ◽

Formal Verification ◽

System Level

Download Full-text

A symbolic model checking approach in formal verification of distributed systems

Human-centric Computing and Information Sciences ◽

10.1186/s13673-019-0165-x ◽

2019 ◽

Vol 9 (1) ◽

Cited By ~ 11

Author(s):

Alireza Souri ◽

Amir Masoud Rahmani ◽

Nima Jafari Navimipour ◽

Reza Rezaei

Keyword(s):

Distributed Systems ◽

Model Checking ◽

Formal Verification ◽

Symbolic Model Checking ◽

Symbolic Model

Download Full-text

A SAT-Based Planning Approach for Finding Logical Attacks on Cryptographic Protocols

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2020100101 ◽

2020 ◽

Vol 14 (4) ◽

pp. 1-21

Author(s):

Noureddine Aribi ◽

Yahia Lebbah

Keyword(s):

Model Checking ◽

State Of The Art ◽

Cryptographic Protocols ◽

Protocol Verification ◽

Planning Problem ◽

Multiparty Communication ◽

Planning Approach ◽

Security Properties ◽

Sat Solver ◽

Security Property

Cryptographic protocols form the backbone of digital society. They are concurrent multiparty communication protocols that use cryptography to achieve security goals such as confidentiality, authenticity, integrity, etc., in the presence of adversaries. Unfortunately, protocol verification still represents a critical task and a major cost to engineer attack-free security protocols. Model checking and SAT-based techniques proved quite effective in this context. This article proposes an efficient automatic model checking approach that exemplifies a security property violation. In this approach, a protocol verification is abstracted as a compact planning problem, which is efficiently solved by a state-of-the-art SAT solver. The experiments performed on some real-world cryptographic protocols succeeded in detecting new logical attacks, violating some security properties. Those attacks encompass both “type flaw” and “replay” attacks, which are difficult to tackle with the existing planning-based approaches.

Download Full-text

Model Checking for SpaceWire Error Detection Module

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.241-244.3020 ◽

2012 ◽

Vol 241-244 ◽

pp. 3020-3025

Author(s):

Ling Ling Dong ◽

Yong Guan ◽

Xiao Juan Li ◽

Zhi Ping Shi ◽

Jie Zhang ◽

...

Keyword(s):

Model Checking ◽

Formal Verification ◽

Temporal Logic ◽

Error Detection ◽

System Model ◽

Linear Search ◽

Kripke Structure ◽

Mathematical Methods ◽

Safety Critical ◽

Correctness Of Programs

Considerable attention has been devoted to prove the correctness of programs. Formal verification overcomes the incompleteness by applying mathematical methods to verify a design. SpaceWire is a well known communication standard. For safety-critical applications an approach is needed to validate the completeness of SpareWire design. This paper addresses formal verification of SpareWire error detection module. The system model was constructed by Kripke structure, and the properties were presented by linear temporal logic (LTL). Compared the verification of LTL with CTL (branch temporal logic), LTL properties could improve the verification efficiency due to its linear search. The error priority was checked using simulation guided by model checking. After some properties were modified, all possible behaviors of the module satisfied the specification. This method realizes complete validation of the error detection module.

Download Full-text

THE AUTOMATA INTRUDER MODEL FOR DATA EXCHANGE CRYPTOGRAPHIC PROTOCOLS FORMAL VERIFICATION

Vestnik komp iuternykh i informatsionnykh tekhnologii ◽

10.14489/vkit.2015.07.pp.023-028 ◽

2015 ◽

pp. 23-28

Author(s):

V. A. Borhalenko

Keyword(s):

Formal Verification ◽

Data Exchange ◽

Cryptographic Protocols

Download Full-text