Implementing a Unification Algorithm for Protocol Analysis with XOR

In this paper, we propose a unification algorithm for the theory $E$ which combines unification algorithms for E\_{\std} and E\_{\ACUN} (ACUN properties, like XOR) but compared to the more general combination methods uses specific properties of the equational theories for further optimizations. Our optimizations drastically reduce the number of non-deterministic choices, in particular those for variable identification and linear orderings. This is important for reducing both the runtime of the unification algorithm and the number of unifiers in the complete set of unifiers. We emphasize that obtaining a ``small'' set of unifiers is essential for the efficiency of the constraint solving procedure within which the unification algorithm is used. The method is implemented in the CL-Atse tool for security protocol analysis

Efficient First-Order Temporal Logic for Infinite-State Systems

In this paper we consider the specification and verification of infinite-state systems using temporal logic. In particular, we describe parameterised systems using a new variety of first-order temporal logic that is both powerful enough for this form of specification and tractable enough for practical deductive verification. Importantly, the power of the temporal language allows us to describe (and verify) asynchronous systems, communication delays and more complex properties such as liveness and fairness properties. These aspects appear difficult for many other approaches to infinite-state verification.Comment: 16 pages, 2 figure

Enhancing the security of RCIA ultra-lightweight authentication protocol by using Random Number Generator (RNG) technique

This study is an attempt to enhance the security of Robust Confidentiality, Integrity, and Authentication (RCIA) ultra-lightweight authentication protocols.In the RCIA protocol, IDs value is sent between reader and tag as a constant value.This makes RCIA susceptible to traceability attack which lead to the privacy issue. In order to overcome this problem, Random Number Generator (RNG) technique based on Bitwise operations has been used in the tag side.The idea of this technique is to change the IDs of a tag on every query session so that it will not stay as a constant value.The implementation of Enhanced RCIA has been conducted by using a simulation.The simulation provided the ability to show that the operations of RCIA protocol as to compare with the enhanced RCIA.The outcome shows that the enhanced RCIA outperforms existing one in terms of privacy

Towards a Constrained-based Verification of Parameterized Cryptographic Protocols

International audienceAlthough many works have been dedicated to standard protocols like Needham-Schroeder very few address the more challenging class of group protocol s. We present a synchronous model for group protocols, that generalizes standard protocol models by permitting unbounded lists inside messages. In this extended model we propose a correct and complete set of inference rules for checking security properties in presence of an active intruder for the class of well-tagged protocols. Our inference system generalizes the ones that are implemented in several tools for a bounded number of sessions and fixed size lists in message. In particular when applied to protocols whose specification does not contain unbounded lists our inference system provides a decision procedure for secrecy in the case of a fixed number of sessions

Heuristic Methods for Security Protocols

Model checking is an automatic verification technique to verify hardware and software systems. However it suffers from state-space explosion problem. In this paper we address this problem in the context of cryptographic protocols by proposing a security property-dependent heuristic. The heuristic weights the state space by exploiting the security formulae; the weights may then be used to explore the state space when searching for attacks

A formal model of asynchronous communication and its use in mechanically verifying a biphase mark protocol

In this paper we present a formal model of asynchronous communication as a function in the Boyer-Moore logic. The function transforms the signal stream generated by one processor into the signal stream consumed by an independently clocked processor. This transformation 'blurs' edges and 'dilates' time due to differences in the phases and rates of the two clocks and the communications delay. The model can be used quantitatively to derive concrete performance bounds on asynchronous communications at ISO protocol level 1 (physical level). We develop part of the reusable formal theory that permits the convenient application of the model. We use the theory to show that a biphase mark protocol can be used to send messages of arbitrary length between two asynchronous processors. We study two versions of the protocol, a conventional one which uses cells of size 32 cycles and an unconventional one which uses cells of size 18. We conjecture that the protocol can be proved to work under our model for smaller cell sizes and more divergent clock rates but the proofs would be harder

Enhancing the security of RCIA ultra-lightweight authentication protocol by using random number generator (RNG) technique

With the growing demand for low-cost Radio Frequency Identification (RFID) system, there is a necessity to design RFID ultra-lightweight authentication protocols to be compatible with the system and also resistant against possible attacks. However, the existing ultra-lightweight authentication protocols are susceptible to wide range of attacks. This study is an attempt to enhance the security of Robust Confidentiality, Integrity, and Authentication (RCIA) ultra-lightweight authentication protocols especially with regard to privacy issue. In the RCIA protocol, IDs value is sent between reader and tag as a constant value. The constant value will enable attacker to trace the location of the tag which violates the privacy users. In order to enhance the security of RCIA protocol, Random Number Generator (RNG) technique has been used. This technique relies on generating random numbers in the tag side, based on Bitwise operations. The idea of this technique is to change the IDs of a tag on every query session so that it will not stay as a constant value. The implementation of Enhanced RCIA has been conducted by using a simulation. The simulation provided the ability to show that the operations of RCIA protocol as to compare with the enhanced RCIA. The outcome shows that the enhanced RCIA outperforms existing one in terms of privacy

Decidable Inductive Invariants for Verification of Cryptographic Protocols with Unbounded Sessions

We develop a theory of decidable inductive invariants for an infinite-state variant of the Applied ?calc, with applications to automatic verification of stateful cryptographic protocols with unbounded sessions/nonces. Since the problem is undecidable in general, we introduce depth-bounded protocols, a strict generalisation of a class from the literature, for which our decidable analysis is sound and complete. Our core contribution is a procedure to check that an invariant is inductive, which implies that every reachable configuration satisfies it. Our invariants can capture security properties like secrecy, can be inferred automatically, and represent an independently checkable certificate of correctness. We provide a prototype implementation and we report on its performance on some textbook examples