Towards automatic verification of authentication protocols on an unbounded network

Abstract

Schneider's (1998) work on rank functions provides a formal approach to verification of certain properties of a security protocol. However, he illustrates the approach only with a protocol running on a small network; and no help is given with the somewhat hit-and-miss process of finding the rank function which underpins the central theorem. We develop the theory to allow for an arbitrarily large network, and give a clearly defined decision procedure by which one may either construct a rank function, proving correctness of the protocol, or show that no rank function exists. We discuss the implications of the absence of a rank function, and the open question of completeness of the rank function theorem.