4 research outputs found
Model Checking Linear Logic Specifications
The overall goal of this paper is to investigate the theoretical foundations
of algorithmic verification techniques for first order linear logic
specifications. The fragment of linear logic we consider in this paper is based
on the linear logic programming language called LO enriched with universally
quantified goal formulas. Although LO was originally introduced as a
theoretical foundation for extensions of logic programming languages, it can
also be viewed as a very general language to specify a wide range of
infinite-state concurrent systems.
Our approach is based on the relation between backward reachability and
provability highlighted in our previous work on propositional LO programs.
Following this line of research, we define here a general framework for the
bottom-up evaluation of first order linear logic specifications. The evaluation
procedure is based on an effective fixpoint operator working on a symbolic
representation of infinite collections of first order linear logic formulas.
The theory of well quasi-orderings can be used to provide sufficient conditions
for the termination of the evaluation of non trivial fragments of first order
linear logic.
Comment: 53 pages, 12 figures. "Under consideration for publication in Theory
and Practice of Logic Programming"
Model checking security protocols : a multiagent system approach
Security protocols specify the communication required to achieve security objectives, e.g.,
data-privacy. Such protocols are used in electronic media: e-commerce, e-banking, e-voting,
etc. Formal verification is used to discover protocol-design flaws.
In this thesis, we use a multiagent systems approach built on temporal-epistemic logic
to model and analyse a bounded number of concurrent sessions of authentication and
key-establishment protocols executing in a Dolev-Yao environment. We increase the expressiveness
of classical, trace-based frameworks by mapping each protocol requirement into a
hierarchy of temporal-epistemic formulae.
To automate our methodology, we design and implement a tool called PD2IS. From a
high-level protocol description, PD2IS produces our protocol model and the temporal-epistemic
specifications of the protocol’s goals. This output is verified with the model checker MCMAS.
We benchmark our methodology on various protocols drawn from standard repositories.
We extend our approach to formalise protocols described by equations of cryptographic
primitives. The core of this extension is an indistinguishability relation to accommodate the
underlying protocol equations. Based on this relation, we introduce a knowledge modality and
an algorithm to model check multiagent systems against it. These techniques are applied to
verify e-voting protocols.
Furthermore, we develop our methodology towards intrusion-detection techniques. We
introduce the concept of detectability, i.e., the ability of protocol participants to detect
jointly that the protocol is being attacked. We extend our formalisms and PD2IS to support
detectability analysis. We model check several attack-prone protocols against their detectability
specifications.
Model Checking Security Protocols: A Multiagent System Approach
Security protocols specify the communication required to achieve security objectives, e.g., data-privacy. Such protocols are used in electronic media: e-commerce, e-banking, e-voting, etc. Formal verification is used to discover protocol-design flaws. In this thesis, we use a multiagent systems approach built on temporal-epistemic logic to model and analyse a bounded number of concurrent sessions of authentication and key-establishment protocols executing in a Dolev-Yao environment. We increase the expressiveness of classical, trace-based frameworks by mapping each protocol requirement into a hierarchy of temporal-epistemic formulae. To automate our methodology, we design and implement a tool called PD2IS. From a high-level protocol description, PD2IS produces our protocol model and the temporal-epistemic specifications of the protocol’s goals. This output is verified with the model checker MCMAS. We benchmark our methodology on various protocols drawn from standard repositories. We extend our approach to formalise protocols described by equations of cryptographic primitives. The core of this extension is an indistinguishability relation to accommodate the underlying protocol equations. Based on this relation, we introduce a knowledge modality and an algorithm to model check multiagent systems against it. These techniques are applied to verify e-voting protocols. Furthermore, we develop our methodology towards intrusion-detection techniques. We introduce the concept of detectability, i.e., the ability of protocol participants to detect jointly that the protocol is being attacked. We extend our formalisms and PD2IS to support detectability analysis. We model check several attack-prone protocols against their detectability specifications.
Automated Protocol Verification in Linear Logic
In this paper we investigate the applicability of a bottom-up evaluation strategy for a first order fragment of linear logic [7] for the purposes of automated validation of authentication protocols. Following [11], we use multi-conclusion clauses to represent the behaviour of agents in a protocol session, and we adopt the Dolev-Yao intruder model and related message and cryptographic assumptions. Also, we use universal quantification to provide a logical and clean way to express creation of nonces. Our approach is well suited to verify properties which can be specified by means of minimality conditions. Unlike traditional approaches based on model-checking, we can reason about parametric, infinite-state systems, thus we do not pose any limitation on the number of parallel runs of a given protocol. Furthermore, our approach can be used both to find attacks and to prove correctness of protocols. We present some preliminary experiments which we have carried out using the above approach.