{"title":"密码协议的一阶验证器","authors":"Ernie Cohen","doi":"10.1109/CSFW.2000.856933","DOIUrl":null,"url":null,"abstract":"We describe a proof method for cryptographic protocols, based on a strong secrecy invariant that catalogues conditions under which messages can be published. For typical protocols, a suitable first-order invariant can be generated automatically from the program text, independent of the properties being verified, allowing safety properties to be proved by ordinary first-order reasoning. We have implemented the method in an automatic verifier, TAPS, that proves safety properties roughly equivalent to those in published Isabelle verifications, but does so much faster (usually within a few seconds) and with little or no guidance from the user. We have used TAPS to analyze about 60 protocols, including all but three protocols from the Clark and Jacob survey; on average, these verifications each require less than 4 seconds of CPU time and less than 4 bytes of hints from the user.","PeriodicalId":377637,"journal":{"name":"Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2000-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"85","resultStr":"{\"title\":\"TAPS: a first-order verifier for cryptographic protocols\",\"authors\":\"Ernie Cohen\",\"doi\":\"10.1109/CSFW.2000.856933\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We describe a proof method for cryptographic protocols, based on a strong secrecy invariant that catalogues conditions under which messages can be published. For typical protocols, a suitable first-order invariant can be generated automatically from the program text, independent of the properties being verified, allowing safety properties to be proved by ordinary first-order reasoning. We have implemented the method in an automatic verifier, TAPS, that proves safety properties roughly equivalent to those in published Isabelle verifications, but does so much faster (usually within a few seconds) and with little or no guidance from the user. We have used TAPS to analyze about 60 protocols, including all but three protocols from the Clark and Jacob survey; on average, these verifications each require less than 4 seconds of CPU time and less than 4 bytes of hints from the user.\",\"PeriodicalId\":377637,\"journal\":{\"name\":\"Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2000-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"85\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSFW.2000.856933\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSFW.2000.856933","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
TAPS: a first-order verifier for cryptographic protocols
We describe a proof method for cryptographic protocols, based on a strong secrecy invariant that catalogues conditions under which messages can be published. For typical protocols, a suitable first-order invariant can be generated automatically from the program text, independent of the properties being verified, allowing safety properties to be proved by ordinary first-order reasoning. We have implemented the method in an automatic verifier, TAPS, that proves safety properties roughly equivalent to those in published Isabelle verifications, but does so much faster (usually within a few seconds) and with little or no guidance from the user. We have used TAPS to analyze about 60 protocols, including all but three protocols from the Clark and Jacob survey; on average, these verifications each require less than 4 seconds of CPU time and less than 4 bytes of hints from the user.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
