Community Research and Development Information Service - CORDIS

Tree automata based verification of security protocols

The TA4SP tool (Tree Automata based Automatic Approximations for the Analysis of Security Protocols), developed by the INRIA-CASSIS partner in Besançon (France), takes as input a security problem specified in AVISPA's Intermediate Format (IF) and performs unbounded verification fully automatically.

The IF transition system representing the protocol is translated into a term rewriting system, and the IF initial state is transformed into a regular tree language. This tree language also represents the initial knowledge of the intruder. By applying the rewriting system (which encodes both the protocol steps and the intruder's abilities), TA4SP computes an over-approximation of the intruder knowledge by means of abstractions and automatic approximations. For a given problem, a secrecy property holds when none of the terms related to that property belongs to the language representing the over-approximated intruder knowledge. TA4SP relies on the tree automata library Timbuk, developed by Thomas Genet (IRISA-Rennes, France), which we have extended to support our automatic approximations. To speed up the computation, optimisations such as the use of coarser abstractions have also been developed.

The price of these coarser abstractions is that the result may more often be inconclusive: a secret appears in the over-approximated intruder knowledge, which does not mean it is in the real one. Nevertheless, most of our results have been obtained with this optimisation. TA4SP not only guarantees the secrecy of data for a given set of sessions; under some assumptions the result also extends to any number of sessions. Although TA4SP has only recently been integrated into the AVISPA tool, promising results have already been obtained. We have also started investigating attack detection in collaboration with Thomas Genet. Because of the approximations, TA4SP cannot by itself decide whether a datum claimed to be secret is in the real knowledge of the intruder or not; this work will allow us to confirm the presence of an attack in some cases. We plan to extend the scope of TA4SP with new features such as sets and conditions.
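The following is an added illustration of the two paragraphs above (the translation into a tree automaton plus rewriting rules, and the inconclusive verdicts that a coarse abstraction can produce); it is not TA4SP or Timbuk code and uses none of their APIs. It assumes a Dolev-Yao intruder with only pairing and symmetric encryption, a constructed toy responder B given as a single rewrite rule in two variants (a safe one and a flawed one that encrypts under a key received from the network), and a hypothetical abstraction scheme that names the state of each fresh subterm after the step and its position, so that every session of a step shares one state. The tree-automaton completion itself (matching a rule's left-hand side against the automaton, normalising the right-hand side into abstract states, closing the knowledge state under decomposition with a product-construction emptiness test for keys) is the general mechanism, written here for this small term algebra.

```python
# Added illustration of the TA4SP approach (not TA4SP or Timbuk code). The intruder knowledge
# is the language of state KNOW in a bottom-up tree automaton; a protocol step is a rewrite
# rule lhs -> rhs; completion adds a transition for every reply the intruder can trigger and
# abstracts proper subterms to one state per step and position (a coarse abstraction shared
# by all sessions, hence an over-approximation). Terms: constants are strings, variables
# start with "?", compound terms are tuples such as ("enc", key, msg).
from itertools import product

KNOW = "know"                                                 # state accepting intruder knowledge
is_var = lambda t: isinstance(t, str) and t.startswith("?")
split = lambda t: (t, ()) if isinstance(t, str) else (t[0], tuple(t[1:]))   # (symbol, args)

class TreeAutomaton:
    def __init__(self):
        self.trans = set()   # (symbol, (q1, .., qn), q): symbol(q1, .., qn) -> q
        self.eps = set()     # (p, q): every term accepted at p is also accepted at q

    def closure(self, q):    # states reachable from q through epsilon transitions (q included)
        seen = {q}
        while (more := {b for a, b in self.eps if a in seen} - seen):
            seen |= more
        return seen

    def pre(self, q):        # states p with q in closure(p): their language is included in q's
        seen = {q}
        while (more := {a for a, b in self.eps if b in seen} - seen):
            seen |= more
        return seen

    def states_of(self, t):  # all states a ground term reaches
        sym, args = split(t)
        child = [self.states_of(a) for a in args]
        return set().union(*(self.closure(q) for s, a, q in self.trans if s == sym
                             and len(a) == len(args) and all(x in c for x, c in zip(a, child))))

    def joint_reachable(self):   # pairs (p, q) reached by some common ground term (product)
        R, changed = set(), True
        while changed:
            changed = False
            for (s1, a1, q1), (s2, a2, q2) in product(self.trans, repeat=2):
                if s1 == s2 and len(a1) == len(a2) and all((x, y) in R for x, y in zip(a1, a2)):
                    new = set(product(self.closure(q1), self.closure(q2))) - R
                    R |= new
                    changed |= bool(new)
        return R

    def match(self, pat, target, sigma=None):
        """Yield substitutions variable -> state under which pat is accepted at target."""
        sigma, pre = sigma or {}, self.pre(target)
        if is_var(pat):
            yield from ({**sigma, pat: p} for p in pre if sigma.get(pat, p) == p)
        else:
            sym, args = split(pat)
            for s, a, q in list(self.trans):
                if s == sym and len(a) == len(args) and q in pre:
                    yield from self._match_seq(args, a, sigma)

    def _match_seq(self, pats, states, sigma):   # match patterns position by position
        if not pats:
            yield sigma
        for s1 in (self.match(pats[0], states[0], sigma) if pats else ()):
            yield from self._match_seq(pats[1:], states[1:], s1)

    def add_term(self, pat, target, sigma, step):
        """Make pat[sigma] accepted at target; proper subterms get state q_<step>_<position>."""
        def norm(t, pos):
            if is_var(t):
                return sigma[t]
            sym, args = split(t)
            q = target if pos == "" else f"q_{step}_{pos}"      # hypothetical naming scheme
            self.trans.add((sym, tuple(norm(a, pos + str(i)) for i, a in enumerate(args)), q))
            return q
        norm(pat, "")

def saturate(aut, steps):
    """Complete KNOW under Dolev-Yao decomposition and the protocol steps until nothing changes
    (terminates: the abstraction allows only finitely many states, hence transitions)."""
    while True:
        before = (len(aut.trans), len(aut.eps))
        R = aut.joint_reachable()
        for sym, args, q in list(aut.trans):
            if KNOW in aut.closure(q) and (sym == "pair" or sym == "enc" and (args[0], KNOW) in R):
                # split a known pair, or decrypt with a key the intruder may know (args[1:])
                aut.eps.update((a, KNOW) for a in args[sym == "enc":] if a != KNOW)
        for name, lhs, rhs in steps:
            for sigma in list(aut.match(lhs, KNOW)):     # intruder can send lhs[sigma] ...
                aut.add_term(rhs, KNOW, sigma, name)     # ... and then observes rhs[sigma]
        if (len(aut.trans), len(aut.eps)) == before:
            return aut

def analyse(steps, secret, initial=("a", "b", "ki")):
    """'secret' if the term lies outside the over-approximated knowledge, else 'inconclusive'."""
    aut = TreeAutomaton()
    aut.trans.update((c, (), KNOW) for c in initial)     # agent names and the intruder's own key
    aut.trans.update({("pair", (KNOW, KNOW), KNOW), ("enc", (KNOW, KNOW), KNOW)})  # composition
    return "inconclusive" if KNOW in saturate(aut, steps).states_of(secret) else "secret"

# Constructed toy responder B (one rewrite rule each): on any x, reply with the fresh nonce nb.
SAFE = [("B", "?x", ("enc", "kab", ("pair", "?x", "nb")))]   # kab never leaves A and B
FLAWED = [("B", "?x", ("enc", "?x", "nb"))]                   # encryption key taken from x
```

Calling `analyse(SAFE, "nb")` returns `"secret"`: the completed automaton accepts the ciphertext `enc(kab, pair(a, nb))` at the knowledge state (so `analyse(SAFE, ("enc", "kab", ("pair", "a", "nb")))` is `"inconclusive"`, as it should be), but `kab` and `nb` never reach it, which proves secrecy for any number of sessions because all sessions were merged into the same abstract states. `analyse(FLAWED, "nb")` returns `"inconclusive"`: the intruder can send its own key `ki`, so the decryption rule lets `nb` flow into the knowledge state. Here the leak is real, but the over-approximation alone cannot distinguish a real leak from an artefact of merging sessions, which is exactly the gap the attack-detection work mentioned above addresses.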

Reported by

Institut National de Recherche en Informatique et en Automatique
615 rue du Jardin Botanique BP 105
54602 Villers-lès-Nancy Cedex