SMT Solvers as Efficient Tools for Automatic Time Properties Verification of Security Protocols

2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT) Pub Date : 2019-12-01 DOI:10.1109/PDCAT46702.2019.00065

A. Zbrzezny, Olga Siedlecka-Lamch, Sabina Szymoniak, M. Kurkowski

{"title":"SMT Solvers as Efficient Tools for Automatic Time Properties Verification of Security Protocols","authors":"A. Zbrzezny, Olga Siedlecka-Lamch, Sabina Szymoniak, M. Kurkowski","doi":"10.1109/PDCAT46702.2019.00065","DOIUrl":null,"url":null,"abstract":"This paper presents our next research related to the use of SMT techniques for the analysis of security protocols. The behaviours of users and their changing knowledge during an investigated protocol executions are modelled as networks of communicating timed automata. The time properties are defined as the reachability properties of some, properly indicated states in the product automaton. We can do it using specially described time conditions, that can express dependencies between defined as a reachability property of some, chosen states in automata network, the possibility of performing some desired protocol steps and filling time constraints that use generation time of timestamps and lifetimes or/and networks delays. For our experiments we use boolean and SMT encodings that are the basis for respectively, SAT-and SMT-based bounded model checking. For SMT, the runs in product automaton are translated into the quantifier-free first-order formula. So far, we have implemented a well known bounded model checking algorithm and evaluated it for Needham-Schroeder Public Key, Needham Schroeder Symmetric Key, Woo Lam Pi and Wide Mouth Frog protocols. Now we show the tests carried out for the group of four known from the literature security protocols. We also compared our new SMT-based approach with a previous, only SAT-based, technique. For experiments, we used Minisat SAT solver, Z3, Yices2, CVC4 and MathSAT SMT solvers.","PeriodicalId":166126,"journal":{"name":"2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDCAT46702.2019.00065","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

This paper presents our next research related to the use of SMT techniques for the analysis of security protocols. The behaviours of users and their changing knowledge during an investigated protocol executions are modelled as networks of communicating timed automata. The time properties are defined as the reachability properties of some, properly indicated states in the product automaton. We can do it using specially described time conditions, that can express dependencies between defined as a reachability property of some, chosen states in automata network, the possibility of performing some desired protocol steps and filling time constraints that use generation time of timestamps and lifetimes or/and networks delays. For our experiments we use boolean and SMT encodings that are the basis for respectively, SAT-and SMT-based bounded model checking. For SMT, the runs in product automaton are translated into the quantifier-free first-order formula. So far, we have implemented a well known bounded model checking algorithm and evaluated it for Needham-Schroeder Public Key, Needham Schroeder Symmetric Key, Woo Lam Pi and Wide Mouth Frog protocols. Now we show the tests carried out for the group of four known from the literature security protocols. We also compared our new SMT-based approach with a previous, only SAT-based, technique. For experiments, we used Minisat SAT solver, Z3, Yices2, CVC4 and MathSAT SMT solvers.

查看原文本刊更多论文

SMT求解器作为安全协议时间属性自动验证的有效工具

本文介绍了我们的下一个与使用SMT技术分析安全协议相关的研究。在被调查的协议执行过程中，用户的行为和他们不断变化的知识被建模为通信时间自动机网络。时间属性被定义为产品自动机中某些适当指示状态的可达性属性。我们可以使用特殊描述的时间条件来实现它，这些条件可以表示自动机网络中被定义为可达性属性的一些状态之间的依赖关系，执行一些期望的协议步骤的可能性，以及使用时间戳和生存期或/和网络延迟的生成时间来填充时间约束。对于我们的实验，我们使用布尔和SMT编码，它们分别是基于sat和基于SMT的有界模型检查的基础。对于SMT，产品自动机的运行被转换成无量词的一阶公式。到目前为止，我们已经实现了一个著名的有界模型检查算法，并对Needham-Schroeder公钥、Needham Schroeder对称密钥、Woo Lam Pi和Wide Mouth Frog协议进行了评估。现在我们展示的是对文献安全协议中已知的四组进行的测试。我们还将新的基于smt的方法与以前的仅基于sat的技术进行了比较。在实验中，我们使用了Minisat SAT解算器、Z3、Yices2、CVC4和MathSAT SMT解算器。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)

自引率

0.00%

发文量