Skip to main content
Article thumbnail
Location of Repository

Directed Symbolic Model Checking of Security Protocols

By Qurat Ul Ain Nizamani


This thesis promotes the use of directed model checking for security protocol verification. In particular, we investigated the possibility of designing heuristics that can reduce the overall size of the state space and can direct the search towards states containing an attack. More precisely,\ud • We have designed three property-specific heuristics namely H1, H2, and H3. The heuristics derive their hints from the security property to be verified and assign weights to states according to their possibility of leading to an attack.\ud • H1 is formally proved correct, i.e., the states pruned by the heuristic H1 do not contain any attack.\ud • An existing tool ASPASyA with conventional model checking algorithm (i.e., depth first search) has been modified so as to integrate our heuristics into it. The resulting tool H -ASPASyA uses an informed search algorithm that is equipped with our heuristics. The heuristics evaluate the states which are then explored in decreasing order of their weights.\ud • The new tool H -ASPASyA is tested against a few protocols to gauge the performance of our heuristics.\ud The results demonstrate the efficiency of our approach. It is worth mentioning that despite being a widely applied verification technique, model checking suffers from the state space explosion problem. Recently directed model checking has been used to mitigate the state space explosion problem in general model checking. However, the directed model checking approaches have not been studied extensively for security protocol verification. This thesis demonstrates the fact that directed model checking can be adapted for security protocol verification in order to yield better results

Publisher: University of Leicester
Year: 2011
OAI identifier:

Suggested articles


  1. (1999). A Calculus for Cryptographic Protocols: The Spi Calculus. doi
  2. A Coordination-based Methodology for Security Protocol Verification. doi
  3. (1996). A HOL extension of GNY for Automatically Analyzing Cryptographic Protocols. doi
  4. (1990). A Logic of Authentication. doi
  5. (2005). A Method for Symbolic Analysis of Security Protocols. doi
  6. (1992). A Nonce-based Protocol for Multiple Authentications. doi
  7. (1997). A survey of authentication protocol literature: Version 1.0.,
  8. (2008). A symbolic framework for multi-faceted security protocol analysis. doi
  9. (1995). An Attack on the Needham-Schroeder Public-key Authentication Protocol. Information Processing Letters, doi
  10. (2001). An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. doi
  11. (2003). An NP Decision Procedure for Protocol Insecurity with XOR. doi
  12. (2003). An On-The-Fly Model-Checker for Security Protocol Analysis. doi
  13. (2008). Analysis of a federated identity management protocol in soc. doi
  14. (2002). Artificial Intelligence: A Modern Approach (2nd Edition). doi
  15. (1999). Athena: a New Efficient Automatic Checker for Security Protocol Analysis. doi
  16. (1997). Automated Analysis of Cryptographic Protocols using Mur/spl phi/. doi
  17. (1978). Automatically Verified Data Transfer Protocols.
  18. (1996). Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Tools and Algorithms for the Construction and Analysis of Systems, doi
  19. (1989). Communication and Concurrency. doi
  20. (2004). Decidable Analysis of Cryptographic Protocols with Products and Modular Exponentiation. doi
  21. (2003). Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents. doi
  22. (2004). Directed Explicitstate Model Checking in the Validation of Communication Protocols. doi
  23. (2003). Directed Search for the Verification of Communication Protocols.
  24. (1999). Error detection with directed symbolic model checking. doi
  25. (1996). Exploiting Symmetry in Temporal Logic Model Checking. Formal Methods of System Design, doi
  26. (2000). Formal Systems (Europe) Ltd. Failures-Divergence Refinement. FDR2 User Manual.
  27. (2007). Formal Verification of Concurrent Systems via Directed Model Checking. doi
  28. (1993). Fully-fledged Two-way Public Key Authentication and Key Agreement for Low-cost Terminals. doi
  29. (2003). HERMES: An Automatic Tool for Verification of Secrecy in Security Protocols. doi
  30. (1993). Information Technology - Security Techniques - Entity Authentication Mechanism Part 2: Entity Authentication Using Symmetric Techniques. doi
  31. (1994). Isabelle - A Generic Theorem Prover (with a contribution by T. doi
  32. (1999). Lazy Infinite-State Analysis of Security Protocols. doi
  33. (1998). MOCHA: Modularity in Model Checking. doi
  34. (1994). Model Checking and Abstraction. doi
  35. (2002). Model checking Java programs Using Structural Heuristics. doi
  36. (1992). Multiple Authentications with a Nonce-Based Protocol Using Generalized Timestamps.
  37. (1999). Next” Heuristic for On-the-Fly Model Checking. In doi
  38. (2003). Non-Functional Aspects of Wide Area Network Programming.
  39. (1983). On the Security of Public Key Protocols. Information Theory, doi
  40. (2003). On the symbolic reduction of processes with cryptographic functions. doi
  41. (1994). Optimal Privacy and Authentication on a Portable Communications System. doi
  42. (2010). Partial Order Reduction for Branching Security Protocols. doi
  43. (2000). Partial Order Reductions for Security Protocol Verification. doi
  44. (2001). Protocol Verification with Heuristic Search. doi
  45. (1992). PVS: A Prototype Verification System. doi
  46. (2009). Qurat ul Ain Nizamani and Emilio Tuosto. Heuristic Methods for Security Protocols. doi
  47. (1990). Reasoning about Belief in Cryptographic Protocols. doi
  48. (2008). SAT-based Model-Checking for Security Protocols analysis. doi
  49. (2006). Scyther - Semantics and Verification of Security Protocols. doi
  50. (2003). Security Protocols Verification by Means of Symbolic Model Checking.˜etuosto/aspasya/aspasya.html,
  51. (2001). Static analysis for secrecy and non-interference in networks of processes. doi
  52. (1998). Strand Spaces: Why is a Security Protocol Correct? doi
  53. (2004). Sunil Issar, and Hongwei Xi. ETPS: A System to Help Students Write Formal Proofs. doi
  54. (2004). Symbolic Bisimulation in the Spi Calculus. doi
  55. (2000). Symbolic Guided Search for CTL Model Checking. doi
  56. (2001). Symbolic trace analysis of cryptographic protocols. doi
  57. (2006). The CL-Atse Protocol Analyser. doi
  58. (1998). The Inductive Approach to Verifying Cryptographic Protocols. doi
  59. (1996). The NRL Protocol Analyzer: An Overview. doi
  60. (2003). The Spin Model Checker, Primer and Reference manual. Addison-Wesley Professional, first edition,
  61. (2002). The TRUST protocol analyser. Automatic and Efficient Verification of Cryptographic Protocols.
  62. (1981). Timestamps in Key Distribution Protocols. doi
  63. (1993). TPS: An Interactive and Automatic Tool for Proving Theorems of Type Theory. doi
  64. (2008). Unbounded Verification, Falsification, and Characterization of Security Protocols by Pattern Refinement. doi
  65. (2007). Uppaal/DMC- AbstractionBased Heuristics for Directed Model Checking. doi
  66. (1978). Using Encryption for Authentication in Large Networks of Computers. doi
  67. (2009). Viktor Schuppan, Dragan Bosˇnacˇki, Anton Wijs, Ansgar Fehnker, and Husain Aljazzar. Model Checking and doi

To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.