Formal automatic verification of security protocols

Abstract

Security protocols flaws are notoriously difficult to detect. Comparatively little attention has been given to logics of knowledge, although such logics have been proven to be very useful in the specifications of protocols for communication systems. We address ourselves to the analysis of security protocols under the Dolev-Yao model by using a logic of algorithmic knowledge, and propose a general method to describe formally the data structures used in the verification, such as messages, traces, intruders, and so on. We explore the use of our methodology for the verification of security protocols. The Horng-Hsu attack to Helsinki protocol has been found successfully in this setting by using SPIN.