Search CORE

1,721,005 research outputs found

SAT-based Model Checking for Security Protocols Analysis

Author: Armando Alessandro
L. COMPAGNA
COMPAGNA LUCA
Publication venue
Publication date: 01/01/2008
Field of study

We present a model checking technique for security protocols based on a reduction to propositional logic. At the core of our approach is a procedure that, given a description of the protocol in a multi-set rewriting formalism and a positive integer k, builds a propositional formula whose models (if any) correspond to attacks on the protocol. Thus, finding attacks on protocols boils down to checking a propositional formula for satisfiability, problem that is usually solved very efficiently by modern SAT solvers. Experimental results indicate that the approach scales up to industrial strength security protocols with performance comparable with (and in some cases superior to) that of other state-of-the-art protocol analysers

Archivio della ricerca - Fondazione Bruno Kessler

Archivio istituzionale della ricerca - Università di Genova

SATMC: a SAT-based model checker for security protocols, business processes, and security APIs

Author: Compagna Luca
Carbone Roberto
Armando Alessandro
Publication venue
Publication date: 01/01/2016
Field of study

We present SATMC 3.0, a SAT-based bounded model checker for security-critical systems that stems from a successful combination of encoding techniques originally developed for planning with techniques developed for the analysis of reactive systems. SATMC has been successfully applied in a variety of application domains (security protocols, security-sensitive business processes, and cryptographic APIs) and for different purposes (design-time security analysis and security testing). SATMC strikes a balance between general purpose model checkers and security protocol analyzers as witnessed by a number of important success stories including the discovery of a serious man-in-the-middle attack on the SAML-based single sign-on (SSO) for Google Apps, an authentication flaw in the SAML 2.0 Web Browser SSO Profile, and a number of attacks on PKCS#11 Security Tokens. SATMC is integrated and used as back-end in a number of research prototypes (e.g., the AVISPA Tool, Tookan, the SPaCIoS Tool) and industrial-strength tools (e.g., the Security Validator plugin for SAP NetWeaver BPM)

Crossref

Archivio della ricerca - Fondazione Bruno Kessler

Archivio istituzionale della ricerca - Università di Genova