Journal Article10.1007/S10207-007-0041-Y
SAT-based model-checking for security protocols analysis
Alessandro Armando,Luca Compagna +1 more
131
TL;DR: Experimental results indicate that the approach scales up to industrial strength security protocols with performance comparable with (and in some cases superior to) that of other state-of-the-art protocol analysers.
read more
Abstract: We present a model checking technique for security protocols based on a reduction to propositional logic. At the core of our approach is a procedure that, given a description of the protocol in a multi-set rewriting formalism and a positive integer k, builds a propositional formula whose models (if any) correspond to attacks on the protocol. Thus, finding attacks on protocols boils down to checking a propositional formula for satisfiability, problem that is usually solved very efficiently by modern SAT solvers. Experimental results indicate that the approach scales up to industrial strength security protocols with performance comparable with (and in some cases superior to) that of other state-of-the-art protocol analysers.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps
Alessandro Armando,Roberto Carbone,Luca Compagna,Jorge Cuellar,Llanos Tobarra +4 more
- 27 Oct 2008
TL;DR: This paper provides formal models of the protocol corresponding to one of the most applied use case scenario (the SP-Initiated SSO with Redirect/POST Bindings) and of a variant of the Protocol implemented by Google and currently in use by Google's customers (the SAML-based SSO for Google Applications), and mechanically analysed these formal models with SATMC, a state-of-the-art model checker for security protocols.
SATMC: A SAT-based model checker for security protocols
Alessandro Armando,Luca Compagna +1 more
- 27 Sep 2004
TL;DR: SATMC (SAT-based Model Checker) is presented, an open and flexible platform for SAT-based bounded model checking of security protocols and performs a bounded analysis of the problem by considering scenarios with a finite number of sessions.
128
Attacking and fixing PKCS#11 security tokens
Matteo Bortolozzo,Matteo Centenaro,Riccardo Focardi,Graham Steel +3 more
- 04 Oct 2010
TL;DR: It is shown how to extract sensitive cryptographic keys from a variety of commercially available tamper resistant cryptographic security tokens, exploiting vulnerabilities in their RSA PKCS#11 based APIs, using Tookan, an automated tool developed.
Formal Verification Methods
Osman Hasan,Sofiène Tahar +1 more
- 01 Jan 2015
TL;DR: In the case of the A330 aircraft, the automatic reporting system sent messages indicating disagreement in the airspeed readings, which led investigators to believe that the pilot probe sensors did not “accurately” measure airspeed and the autopilot may have automatically disengaged as discussed by the authors.
99
LTL Model Checking for Security Protocols
Alessandro Armando,Roberto Carbone,Luca Compagna +2 more
- 06 Jul 2007
TL;DR: This paper proposes a general model for security protocols based on the set-rewriting formalism that allows for the specification of assumptions on principals and communication channels as well as complex security properties that are normally not handled by state-of-the-art protocol analysers.
80
References
On the security of public key protocols
Danny Dolev,Andrew Chi-Chih Yao +1 more
TL;DR: Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
Chaff: engineering an efficient SAT solver
Matthew W. Moskewicz,Conor F. Madigan,Ying Zhao,Lintao Zhang,Sharad Malik +4 more
- 22 Jun 2001
TL;DR: The development of a new complete solver, Chaff, is described which achieves significant performance gains through careful engineering of all aspects of the search-especially a particularly efficient implementation of Boolean constraint propagation (BCP) and a novel low overhead decision strategy.
Using encryption for authentication in large networks of computers
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Symbolic Model Checking without BDDs
Armin Biere,Alessandro Cimatti,Edmund M. Clarke,Yunshan Zhu +3 more
- 22 Mar 1999
TL;DR: This paper shows how boolean decision procedures, like Stalmarck's Method or the Davis & Putnam Procedure, can replace BDDs, and introduces a bounded model checking procedure for LTL which reduces model checking to propositional satisfiability.
The AVISPA tool for the automated validation of internet security protocols and applications
Alessandro Armando,David Basin,Yohan Boichut,Yannick Chevalier,Luca Compagna,Jorge Cuellar,P. Hankes Drielsma,Pierre-Cyrille Héam,Olga Kouchnarenko,Jacopo Mantovani,Sebastian Mödersheim,D. von Oheimb,Michaël Rusinowitch,J. Santiago,Mathieu Turuani,Luca Viganò,Laurent Vigneron +16 more
- 06 Jul 2005
TL;DR: AVISPA is a push-button tool for the automated validation of Internet security-sensitive protocols and applications that provides a modular and expressive formal language for specifying protocols and their security properties.