Design, verification and implementation of an authentication protocol

Abstract

We present an account of the entire development cycle (i.e., design, specification and verification, and implementation) of a realistic authentication protocol, which is part of a security architecture proposed by us. The protocol's design follows a stepwise refinement process, which we illustrate. Our account of its specification and verification provides a practical demonstration of a proposed formal analysis approach. For its implementation, we adopt the GSS-API standard. We describe the mapping from our protocol to GSS-API, which can serve as a reference for other protocol implementations. We believe that the global perspective presented in this paper would be of great value to protocol designers, verifiers, and implementers, and contribute toward bridging the gap between the theory and practice of authentication protocol design.<>