|Research Unit in Networking|
and F. Germeau1
1 Research unit in Networking, EECS department, University of Liège, Belgium
AbstractWe explain how the formal language LOTOS can be used to specify security protocols and cryptographic operations. We describe how security properties can be modelled as safety properties and how a model-based verification method can be used to verify the robustness of a protocol against attacks of an intruder. We illustrate our technique on a concrete registration protocol. We find an attack, correct the protocol, propose a simpler yet secure protocol, and finally a more sophisticated protocol that allows a better discrimination between intruder's attacks and classical protocol errors.
KeywordsLOTOS, model-checking, protocol verification, security protocol
Editor: - G. Leduc -
Webmaster: - C. Soldani -
|Still running IPv4 at: 184.108.40.206...||