Download PDFOpen PDF in browserAutomated Proof of Authentication Protocols in a Logic of Events18 pages•Published: May 15, 2012AbstractUsing the language of event orderings and event classes, and using a type of atoms to represent nonces, keys, signatures, and ciphertexts, we give an axiomatization of a theory in which authentication protocols can be formally defined and strong authentication properties proven. This theory is inspired by PCL, the protocol composition logic defined by Datta, Derek, Mitchell, and Roy.We developed a general purpose <i>tactic</i> (in the NuPrl theorem prover), and applied it to automatically prove that several protocols satisfy a strong authentication property. Several unexpected subtleties exposed in this development are addressed with new concepts <i>legal protocols</i>, and a <i>fresh signature criterion</i> - and reasoning that makes use of a well-founded causal ordering on events. This work shows that proofs in a logic like PCL can be automated, provides a new and possibly simpler axiomatization for a theory of authentication, and addresses some issues raised in a critique of PCL. Keyphrases: authentication protocols, event logic, formal proof, security In: Markus Aderhold, Serge Autexier and Heiko Mantel (editors). VERIFY-2010. 6th International Verification Workshop, vol 3, pages 13-30.
|
