Security protocols specify the communication required to achieve security objectives, e.g.,
data-privacy. Such protocols are used in electronic media: e-commerce, e-banking, e-voting,
etc. Formal verification is used to discover protocol-design flaws.
In this thesis, we use a multiagent systems approach built on temporal-epistemic logic
to model and analyse a bounded number of concurrent sessions of authentication and
key-establishment protocols executing in a Dolev-Yao environment. We increase the expressiveness
of classical, trace-based frameworks by mapping each protocol requirement into a
hierarchy of temporal-epistemic formulae.
To automate our methodology, we design and implement a tool called PD2IS. From a
high-level protocol description, PD2IS produces our protocol model and the temporal-epistemic
specifications of the protocol’s goals. This output is verified with the model checker MCMAS.
We benchmark our methodology on various protocols drawn from standard repositories.
We extend our approach to formalise protocols described by equations of cryptographic
primitives. The core of this extension is an indistinguishability relation to accommodate the
underlying protocol equations. Based on this relation, we introduce a knowledge modality and
an algorithm to model check multiagent systems against it. These techniques are applied to
verify e-voting protocols.
Furthermore, we develop our methodology towards intrusion-detection techniques. We
introduce the concept of detectability, i.e., the ability of protocol participants to detect
jointly that the protocol is being attacked. We extend our formalisms and PD2IS to support
detectability analysis. We model check several attack-prone protocols against their detectability
specifications