On the semantics of communications when verifying equivalence properties

Kushal Babel 1 Vincent Cheval 2 Steve Kremer 2
2 PESTO - Proof techniques for security protocols
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : Symbolic models for security protocol verification were pioneered by Dolev and Yao in their seminal work. Since then, although inspired by the same ideas, many variants of the original model were developed. In particular, a common assumption is that the attacker has complete control over the network and can therefore intercept any message. This assumption has been interpreted in slightly different ways depending on the particular models: either any protocol output is directly routed to the adversary, or communications may be among any two participants, including the attacker-the scheduling between which exact parties the communication happens is left to the attacker. This difference may seem unimportant at first glance and, depending on the verification tools, either one or the other semantics is implemented. We show that, unsurprisingly, they indeed coincide for reachability properties. However, for indistinguishability properties, we prove that these two interpretations lead to incomparable semantics. We also introduce and study a new semantics, where internal communications are allowed but messages are always eavesdropped by the attacker. This new semantics yields strictly stronger equivalence relations. Moreover, we identify two subclasses of protocols for which the three semantics coincide. Finally, we implemented verification of trace equivalence for each of the three semantics in the DeepSec tool and compare their performances on several classical examples.
Document type :
Journal articles
Complete list of metadatas

Cited literature [23 references]  Display  Hide  Download

https://hal.inria.fr/hal-02446910
Contributor : Steve Kremer <>
Submitted on : Tuesday, January 21, 2020 - 11:36:10 AM
Last modification on : Wednesday, January 22, 2020 - 1:45:34 AM

File

main.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02446910, version 1

Collections

Citation

Kushal Babel, Vincent Cheval, Steve Kremer. On the semantics of communications when verifying equivalence properties. Journal of Computer Security, IOS Press, In press. ⟨hal-02446910⟩

Share

Metrics

Record views

24

Files downloads

138