Verification of Authentication Protocols for Epistemic Goals via SAT Compilation 被引量：1

Verification of Authentication Protocols for Epistemic Goals via SAT Compilation

导出

摘要 This paper introduces a new methodology for epistemic logic, to analyze communication protocols that uses knowledge structures, a specific form of Kripke semantics over hostile networks. The paper particularly focuses on automatic verification of authentication protocols. Our approach is based on the actual definitions of a protocol, not on some difficultto-establish justifications. The proposed methodology is different from many previous approaches to automatic verification of security protocols in that it is justification-oriented instead of falsification-oriented, i.e., finding bugs in a protocol. The main idea is based on observations： separating a principal executing a run of protocol from the role in the protocol, and inferring a principal＇s knowledge from the local observations of the principal. And we show analytically and empirically that this model can be easily reduced to Satisfiability （SAT） problem and efficiently implemented by a modern SAT solver. This paper introduces a new methodology for epistemic logic, to analyze communication protocols that uses knowledge structures, a specific form of Kripke semantics over hostile networks. The paper particularly focuses on automatic verification of authentication protocols. Our approach is based on the actual definitions of a protocol, not on some difficultto-establish justifications. The proposed methodology is different from many previous approaches to automatic verification of security protocols in that it is justification-oriented instead of falsification-oriented, i.e., finding bugs in a protocol. The main idea is based on observations： separating a principal executing a run of protocol from the role in the protocol, and inferring a principal＇s knowledge from the local observations of the principal. And we show analytically and empirically that this model can be easily reduced to Satisfiability （SAT） problem and efficiently implemented by a modern SAT solver.

作者苏开乐陈清亮 Abdul Sattar 岳伟亚吕关锋郑锡忠

机构地区 Department of Computer Science Institute for Integrated and Intelligent Systems College of Computer Science and Technology Department of Computer Science

出处《Journal of Computer Science & Technology》 SCIE EI CSCD 2006年第6期932-943,共12页 计算机科学技术学报（英文版）

基金 This work is supported by the National Grand Fundamental Research 973 Program of China under Grant No 2005CB321902, the National Natural Science Foundation of China under Grant Nos. 60496327, 10410638 and 60473004, German Research Foundation under Grant No. 446 CHV113/240/0-1, Guangdong Provincial Natural Science Foundation under Grant No. 04205407, and KAISI Fund in Sun Yat-Sen University.

关键词 authentication protocol formal verification knowledge structure SAT authentication protocol, formal verification, knowledge structure, SAT

分类号 TP31 [自动化与计算机技术—计算机软件与理论]

引文网络
相关文献

参考文献3

1HUAIJinpeng LIXianxian.Algebra model and security analysis for cryptographic protocols[J].Science in China(Series F),2004,47(2):199-220. 被引量：8
2RuiXue Deng-GuoFeng.New Semantic Model for Authentication Protocols in ASMs[J].Journal of Computer Science & Technology,2004,19(4):555-563. 被引量：5
3李梦君,李舟军,陈火旺.基于进程代数安全协议验证的研究综述[J].计算机研究与发展,2004,41(7):1097-1103. 被引量：25

二级参考文献61

1[1]Meadows, C., A model of computation for the NRL protocol analyzer, in Proceedings of the 1994 Computer Security Foundations Workshop, Franconia, NH, USA, 1994, 84-89.
2[2]Fábrega, F. J. T., Herzog, J. C., Guttman, J. D., Strand spaces: proving security protocols correct, Journal of Computer Security, 1999, 191-230.
3[3]Fábrega, F. J. T., Herzog, J. C., Guttman, J. D., Strand spaces: Why is a security protocol correct? in Proceedings of the 1998 IEEE Symposium on Security and Privacy, IEEE Computer Press, 1998, 160-171.
4[4]Paulson, L. C., The inductive approach to verifying cryptographic protocols, Journal of Computer Security,1998, (6): 85-128.
5[5]Lowe, G., Breaking and fixing the Needham-Schroeder public-key protocol using FDR, in Tools and Algorithms for the Construction and Analysis of Systems, vol. 1055 of Lecture Notes in Computer Science,Berlin: Springer-Verlag, 1996, 147-166.
6[6]Mitchell, J. C., Mitchell, M., Stern, U., Automated analysis of cryptographic protocols using murψ, in Proceedings of the 1997 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, 1997.
7[7]Clarke, E. M., Jha, S., Marrero, W., Verifying security protocols with Brutus, ACM Transactions on Software Engineering and Methodology, 2000, 9(4): 443-487.
8[8]Song, D., Beresin, S., Perrig, A., Athena: a novel approach to efficient automatic security protocol analysis,2001, 9(1,2): 47-74.
9[9]Lowe, G., Towards a completeness result for model checking of security protocols, in Proceedings of 11th IEEE Computer Security Foundation Workshop (CSFW′98), Rockport Massachusetts USA, 1998.
10[10]Durgin, N. A., Lincoln, P. D., Mitchell, J. C. et al., Undecidability of bounded security protocols, in Electronic Proceedings of the Workshop on Formal Methods and Security Protocols, 1999, http:∥www.cs.bell-labs.com/who/nch/fmsp99/program.html.

共引文献33

1苏开乐,吕关锋,陈清亮.基于知识结构的认证协议验证[J].中国科学（E辑）,2005,35(4):337-351. 被引量：7
2SUKaile LüGuanfeng CHENQingliang.Knowledge structure approach to verification of authentication protocols[J].Science in China(Series F),2005,48(4):513-532. 被引量：4
3李先贤,怀进鹏.基于约束构造算法的密码协议安全性分析[J].中国科学（E辑）,2005,35(10):1009-1030. 被引量：1
4周倜,李梦君,刘万伟,李舟军.安全协议的进程代数规约到逻辑程序的自动转换[J].计算机工程与科学,2006,28(1):22-24.
5薛锐,冯登国.安全协议的形式化分析技术与方法[J].计算机学报,2006,29(1):1-20. 被引量：61
6LI Xianxian HUAI Jinpeng.Cryptographic protocol security analysis based on bounded constructing algorithm[J].Science in China(Series F),2006,49(1):26-47.
7李梦君,李舟军,陈火旺.SPVT:一个有效的安全协议验证工具[J].软件学报,2006,17(4):898-906. 被引量：18
8顾永跟,傅育熙.基于进程演算和知识推理的安全协议形式化分析[J].计算机研究与发展,2006,43(5):953-958. 被引量：7
9李梦君,王桢珍,李舟军,陈火旺.ACUN理论一般合一化问题的合一化算法[J].计算机工程与科学,2006,28(5):61-65.
10苏开乐,岳伟亚,陈清亮,ZHENG Xi-Zhong.实例化空间:一种新的安全协议验证逻辑的语义模型[J].计算机学报,2006,29(9):1657-1665. 被引量：7

引证文献1

1苏开乐,陈清亮,岳伟亚.一种规约于可满足性问题(SAT)的知识推理算法[J].计算机科学与探索,2007,1(1):79-86.

1赵源超,李道本.一种改进的无线城域网鉴别协议[J].北京电子科技学院学报,2006,14(2):28-31. 被引量：1
2关志,南湘浩.数字签名与密钥交换机制的讨论[J].计算机安全,2008(10):1-2. 被引量：1
3关志,南湘浩.数字签名与密钥交换机制的讨论[J].信息安全与通信保密,2008(9):46-47. 被引量：2
4孙亚民,吴永森.带时间标记的鉴别协议的验证[J].计算机研究与发展,1995,32(7):6-10. 被引量：3
5李浩,谢桂海,王新锋,杨磊.一种基于零知识证明的RFID鉴别协议[J].现代电子技术,2006,29(17):23-25. 被引量：3
6逯海军,祝跃飞.产生“一次一密”会话密钥的抗重放攻击鉴别协议[J].计算机应用,2003,23(7):24-25. 被引量：1
7曲英伟,郑广海.一种使用双线性映射的移动Agent鉴别协议[J].通信技术,2008,41(6):143-145.
8李凯,杨放春.鉴别协议综述[J].计算机应用,2004,24(B12):1-3. 被引量：3
9Marko Malikovic,Mirko Cubrilo.Reasoning about Epistemic Actions and Knowledge in Multi-Agent Systems Using Coq[J].Computer Technology and Application,2011,2(8):616-627.
10查兵,刘晔.基于SOPC的NiosⅡ软核MP3播放器的实现[J].中国高新技术企业,2009(10):5-6. 被引量：1

Journal of Computer Science & Technology

2006年第6期

浏览历史

内容加载中请稍等...

Verification of Authentication Protocols for Epistemic Goals via SAT Compilation 被引量：1

参考文献3

二级参考文献61

共引文献33

引证文献1

相关作者

相关机构

相关主题

浏览历史