Analysing the Woo-Lam Protocol Using CSP and Rank Functions

Abstract

Designing security protocols is a challenging and deceptive exercise. Even small protocols providing straightforward security goals, such as authentication, have been hard to design correctly, leading to the presence of many subtle attacks. Over the years various formal approaches have emerged to analyse security protocols making use of different formalisms. Schneider has developed a formal approach to modelling security protocols using the process algebra CSP (Communicating Sequential Processes). He introduces the notion of rank functions to analyse the protocols. We demonstrate an application of this approach to the Woo-Lam protocol. We describe the protocol in detail along with an established attack on its goals. We then describe Schneider’s rank function theorem and use it to analyse the protocol. ACM Classification: C.2.2 (Communication/Networking and Information Technology – Network Protocols – Protocol Verification), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)