Sciweavers

CCS
2015
ACM

Automated Symbolic Proofs of Observational Equivalence

8 years 7 months ago
Automated Symbolic Proofs of Observational Equivalence
Many cryptographic security definitions can be naturally formulated as observational equivalence properties. However, existing automated tools for verifying the observational equivalence of cryptographic protocols are limited: they do not handle protocols with mutable state and an unbounded number of sessions. We propose a novel definition of observational equivalence for multiset rewriting systems. We then extend the Tamarin prover, based on multiset rewriting, to prove the observational equivalence of protocols with mutable state, an unbounded number of sessions, and equational theories such as Diffie-Hellman exponentiation. We demonstrate its effectiveness on case studies, including a stateful TPM protocol. Categories and Subject Descriptors D.2.4 [Software/Program Verification]: Formal methods; K.4.4 [Electronic Commerce]: Security General Terms Security, Verification Keywords Protocol verification, observational equivalence, symbolic model
David A. Basin, Jannik Dreier, Ralf Sasse
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors David A. Basin, Jannik Dreier, Ralf Sasse
Comments (0)