Research on Security Protocol Analysis Tool SmartVerif

Abstract Security protocols have been designed to protect the security of the network. However, many security protocols cannot guarantee absolute security in real applications. Therefore, security tests of the network protocol become particularly important. In this paper, firstly, we introduce SmartVerif, which is the first formal analysis tool to automatically verify the security of protocols through dynamic strategies. And then, we use SmartVerif to verify the pseudo-randomness of the encapsulated key of the Two-Pass AKE protocol, which was proposed by Liu’s in ASIACRYPT in 2020. Finally, we summary our work and show some limitations of SmartVerif. At the same time, we also point out the direction for future improvement of SmartVerif.

Download Full-text

The AVISS Security Protocol Analysis Tool

Computer Aided Verification - Lecture Notes in Computer Science ◽

10.1007/3-540-45657-0_27 ◽

2002 ◽

pp. 349-354 ◽

Cited By ~ 27

Author(s):

Alessandro Armando ◽

David Basin ◽

Mehdi Bouallagui ◽

Yannick Chevalier ◽

Luca Compagna ◽

...

Keyword(s):

Protocol Analysis ◽

Security Protocol ◽

Analysis Tool

Download Full-text

An Improved Security Protocol Formal Analysis with BAN Logic

2009 International Conference on Electronic Commerce and Business Intelligence ◽

10.1109/ecbi.2009.101 ◽

2009 ◽

Author(s):

Li Tingyuan ◽

Liu Xiaodong ◽

Qin Zhiguang ◽

Zhang Xuanfang

Keyword(s):

Formal Analysis ◽

Security Protocol ◽

Ban Logic

Download Full-text

Bluetooth Security Protocol Analysis and Improvements

10.31979/etd.sc5w-6wj8 ◽

2006 ◽

Author(s):

Chi Shing Lee

Keyword(s):

Protocol Analysis ◽

Security Protocol

Download Full-text

Formal Methods in Information Security

INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY ◽

10.24297/ijct.v14i4.1963 ◽

2015 ◽

Vol 14 (4) ◽

pp. 5621-5631

Author(s):

AJAYI ADEBOWALE ◽

NICULAE GOGA ◽

OTUSILE OLUWABUKOLA ◽

ABEL SAMUEL

Keyword(s):

Life Cycle ◽

Formal Methods ◽

Nuclear Energy ◽

State Of The Art ◽

Security Protocols ◽

Security Protocol ◽

Secure Information ◽

Industrial Projects ◽

Industrial Use ◽

Industrial Adoption

Formal methods use mathematical models for analysis and verification at any part of the program life-cycle. The use of formal methods is admitted, recommended, and sometimes prescribed in safety-and security-related standards dealing, e.g., with avionics, railways, nuclear energy, and secure information systems. This paper describes the state of the art in the industrial use of formal methods ininformation security with a focus on verification of security protocols. Given the vast scope of available solutions, attention has been focused just on the most popular and most representative ones, without exhaustiveness claims. We describe some of the highlights of our survey by presenting a series of industrial projects, and we draw some observations from these surveys and records of experience. Based on this, we discuss issues surrounding the industrial adoption of formal methods in security protocol engineering.

Download Full-text

Probabilistic Polynomial-Time Process Calculus and Security Protocol Analysis

Programming Languages and Systems - Lecture Notes in Computer Science ◽

10.1007/3-540-45309-1_2 ◽

2001 ◽

pp. 23-29 ◽

Cited By ~ 2

Author(s):

John C. Mitchell

Keyword(s):

Polynomial Time ◽

Protocol Analysis ◽

Security Protocol ◽

Process Calculus ◽

Time Process ◽

Probabilistic Polynomial Time

Download Full-text

The CASPA Tool: Causality-Based Abstraction for Security Protocol Analysis

Computer Aided Verification - Lecture Notes in Computer Science ◽

10.1007/978-3-540-70545-1_39 ◽

2008 ◽

pp. 419-422 ◽

Cited By ~ 2

Author(s):

Michael Backes ◽

Stefan Lorenz ◽

Matteo Maffei ◽

Kim Pecina

Keyword(s):

Protocol Analysis ◽

Security Protocol

Download Full-text

Data Security in Wired and Wireless Systems

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch062 ◽

2019 ◽

pp. 1213-1240

Author(s):

Abhinav Prakash ◽

Dharma Prakash Agarwal

Keyword(s):

Wireless Network ◽

Data Security ◽

Security Protocols ◽

Wireless Systems ◽

Main Tool ◽

Security Protocol ◽

Network Data ◽

Wireless Technologies ◽

Secured Communication ◽

Different Parts

The issues related to network data security were identified shortly after the inception of the first wired network. Initial protocols relied heavily on obscurity as the main tool for security provisions. Hacking into a wired network requires physically tapping into the wire link on which the data is being transferred. Both these factors seemed to work hand in hand and made secured communication somewhat possible using simple protocols. Then came the wireless network which radically changed the field and associated environment. How do you secure something that freely travels through the air as a medium? Furthermore, wireless technology empowered devices to be mobile, making it harder for security protocols to identify and locate a malicious device in the network while making it easier for hackers to access different parts of the network while moving around. Quite often, the discussion centered on the question: Is it even possible to provide complete security in a wireless network? It can be debated that wireless networks and perfect data security are mutually exclusive. Availability of latest wideband wireless technologies have diminished predominantly large gap between the network capacities of a wireless network versus a wired one. Regardless, the physical medium limitation still exists for a wired network. Hence, security is a way more complicated and harder goal to achieve for a wireless network (Imai, Rahman, & Kobara, 2006). So, it can be safely assumed that a security protocol that is robust for a wireless network will provide at least equal if not better level of security in a similar wired network. Henceforth, we will talk about security essentially in a wireless network and readers should assume it to be equally applicable to a wired network.

Download Full-text