Theory Generation for Security Protocols

Abstract

generation, RV This thesis introduces theory generation, a new general-purpose technique for performing automated verification. Theory generation draws inspiration from, and complements, both automated theorem proving and symbolic model checking, the two approaches that currently dominate mechanical reasoning. At the core of this approach is the notion of producing a finite representation of a theory—all the facts derivable from a set of assumptions. An algorithm is presented for producing compact theory representations for an expressive class of simple logics. Security-sensitive protocols are widely used today, and the growing popularity of electronic commerce is leading to increasing reliance on them. Though simple in structure, these protocols are notoriously difficult to design properly. Since specifications of these protocols typically involve a small number of principals, keys, nonces, and messages, and since many properties of interest can be expressed in “little logics ” such as the Burrows-Abadi-Needham (BAN) logic of authentication