A HEURISTIC STATE SPACE SEARCH MODEL FOR SECURITY PROTOCOL VERIFICATION

Zeeshan Furqan, Ratan Guha, Shahabuddin Muhammad

2004

Abstract

The vulnerability and importance of computers, robots, internet etc, demand the employment of exceedingly reliable security protocols. E-Business can not be encouraged with susceptible underlying security protocols. We present a heuristic state space search model for automatic security protocol verification. Our model exploits its knowledge of the search space and intelligently enhances the efficiency of security protocol verification process. It uses the representation of security protocols in terms of Strand Space Model (SSM) and logic of authentication. The attributes of security protocol are first represented in SSM and then interpreted into logic. This logical module is coded in form of states. Our model accepts these states as its input and attempts to verify them. An efficient algorithm is used for the verification procedure. The goal is to avoid state space explosion problem and improve the overall efficiency by exploring maximum number of states in a given amount of time. The simplicity of our approach enables it to be translated into existing solutions for greater efficiency.

References

  1. Needham, R., and Schroeder, M., (1978) Using encryption for authentication in large networks of computers, Communications of the ACM, vol. 2, issue 1, 2, 993- 999.
  2. Lowe, G., (1996) Breaking and fixing the NeedhamSchroeder public-key protocol using FDR, In Tools and Algorithms for the Construction and Analysis of Systems, vol. 1055 of Lecture Notes in Computer Science, 147-166, Springer-Verlag.
  3. Burrows, M., Abadi, M., and Needham, R., (1989) A logic of authentication. Technical Report 39, DEC Systems Research Center.
  4. Lowe, G., (1997) A hierarchy of authentication specifications, In proceedings of 1997 IEEE Computer Society Symposium on Research in Security and Privacy, 31-43, Rockport, MA, USA.
  5. Gong, L., Needham, R., and Yahlalom, R., (1990) Reason about belief in cryptographic protocols, In Proceedings of the IEEE Symposium on Research in Security and Privacy, 234-248, Oakland, CA, USA.
  6. Fabrega, F., Herzog, J., and Guttman, J., (1998) Strand Spaces: Why is a security protocol correct?, In Proceedings of 1998 IEEE Symposium on Security and Privacy, 160-171, Oakland, CA, USA.
  7. Fabrega, F., Herzog, J., and Guttman, J., (1999) Strand Spaces: Proving security protocols correct, Journal of Computer Security, vol. 7, issue 2, 3, 191-230.
  8. Song, D., Berezin, S., and Perrig, A., (2001) Athena: a novel approach to efficient automatic security protocol analysis, Journal of Computer Security, vol. 9, issue 1, 2, 47-74.
  9. Perrig, A., and Song, D., (2000) An initial approach to automatic generation of security protocols, In proceedings of NDSS'00 (Network and Distributed System Security Symposium), San Diego, CA, USA.
  10. Song, D., (1999) Athena: An automatic checker for security protocol analysis, In proceedings of the 12th computer science foundation workshop, Mordano, Italy.
  11. Song, D., and Perrig, A., (2000) Looking for a diamond in the dessert-extending automatic protocol generation to three party authentication and key distribution protocols, In proceedings of IEEE Computer Security Foundation Workshop (CSFW'2000), Cambridge, England.
  12. Lowe, G., (1999) Towards a completeness result for model checking security protocols, Journal of Computer Security, vol. 7, issue 2, 3, 89-146.
  13. Kindred, D., and Wing, J., (1996) Fast, automatic checking of security protocols, In USENIX 2nd workshopon Electric Commerce, 41-52, Oakland, CA, USA.
  14. Peled, D., (1993) All from one, one for all: on model checking using representatives, In Costas Courcoubetics, editor, proceedings of the Fifth workshop on Computer Aided Verification, vol. 697 of Lecture Notes in Computer Science, 409-423, Elounda, Greece, Springer-Verlag.
  15. Peled, D., (1994) Combining partial order reductions with on-the-fly model-checking, In David L. Dill, editor, Proceedings of the sixthworkshop on computer aided verification, vol. 818 of Lecture Notes in Computer Science, 377-390, Stanford, CA, USA, SpringerVerlag.
  16. Brackin, S., (1996) Automatic formal analyses of cryptographic protocols, In Proceedings of the 19th National Conference on Inofrmation Systems Security, 40-51, Baltimore, MD, USA.
  17. Brackin, S., (1997) Automatic formal analyses of two large commercial protocols, In Proceedings of the DIMACS workshop on design and formal verification of security protocols.
  18. Lowe, G., (1995) An attack on the Needham-Schroeder public-key authentication protocol, Information Processing Letters, vol. 56, issue 3, 131-136.
  19. Meadows, C., (1994) A model of computation for the NRL protocol analyzer, In Proceedings of the 1994 Computer Security Foundation Workshop, 84-89, Frankonia, NH, USA.
  20. Paulson, L., (1997) Proving properties of security protocols by induction, In Proceedings of the 1997 IEEE Computer Society Symposium on Research in Security and Privacy, 79-83, Rockport, MA, USA.
  21. Meadows, C., (1996) Analyzing the Needham-Schroeder public key protocol: A comparison of two approaches, In Proceedings of the 4th European Symposium on Research in Computer Society ESORICS, 351-364, Rome, Italy.
  22. Dolev, D., Yao, A., (1983) On the security of public key protocols, IEEE Transactions on Information Theory, vol. 29, issue 2, 198-208.
  23. Dolev, D., Even, S., Karp, R. (1982) On the security of ping-pong protocols, Information and Control, 57-68.
  24. Meadows, C., (2003) Formal methods for cryptographic protocol analysis: Emerging issues and trends, IEEE Journal on Selected Areas in Communication, vol. 21, issue 1, 44-54.
Download


Paper Citation


in Harvard Style

Furqan Z., Guha R. and Muhammad S. (2004). A HEURISTIC STATE SPACE SEARCH MODEL FOR SECURITY PROTOCOL VERIFICATION . In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE, ISBN 972-8865-15-5, pages 113-118. DOI: 10.5220/0001394101130118


in Bibtex Style

@conference{icete04,
author={Zeeshan Furqan and Ratan Guha and Shahabuddin Muhammad},
title={A HEURISTIC STATE SPACE SEARCH MODEL FOR SECURITY PROTOCOL VERIFICATION},
booktitle={Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE,},
year={2004},
pages={113-118},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001394101130118},
isbn={972-8865-15-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE,
TI - A HEURISTIC STATE SPACE SEARCH MODEL FOR SECURITY PROTOCOL VERIFICATION
SN - 972-8865-15-5
AU - Furqan Z.
AU - Guha R.
AU - Muhammad S.
PY - 2004
SP - 113
EP - 118
DO - 10.5220/0001394101130118