Automatically checking commitment protocols in ProVerif without false attacks

This article is free to access.

Abstract

ProVerif over-approximates the attacker’s power to enable verification of processes under replication. Unfortunately, this results in ProVerif finding false attacks. This problem is particularly common in protocols whereby a participant commits to a particular value and later reveals their value. We introduce a method to reduce false attacks when analysing secrecy. First, we show how inserting phases into nonreplicated processes enables a more accurate translation to Horn clauses which avoids some false attacks. Secondly, we generalise our methodology to processes under replication. Finally, we demonstrate the applicability of our technique by analysing Bluetooth Simple Pairing. Moreover, we propose a simplification of this protocol that achieves the same security goal.

Cite

Chothia, T., Smyth, B., & Staite, C. (2015). Automatically checking commitment protocols in ProVerif without false attacks. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 9036, 137–155. https://doi.org/10.1007/978-3-662-46666-7_8
