Using Animation to Improve Formal Specifications of Security Protocols

Yohan Boichut 1 Thomas Genet 1 Olivier Heen 2 Yann Glouche 1
1 Lande - Logiciel : ANalyse et DEveloppement
IRISA - Institut de Recherche en Informatique et Systèmes Aléatoires, Inria Rennes – Bretagne Atlantique
Abstract : The verification of cryptographic protocols has greatly improved these last years. Automated tools such as AVISPA provide real help in finding and characterizing attacks. The counterpart is the formal specification of the protocol, using an appropriate language such as HLPSL. Since HLPSL is a very expressive language, this stage is complicated and error-prone before a correct specification is eventually obtained. The verification tools of AVISPA are not designed to detect such specification errors. Unfortunately, as long as it contains typo-like errors, the verification of a HLPSL specification is pointless. In this paper, we propose an animation tool called SPAN †. It turns a formal protocol specification into an execution diagram, according to user choices. We show how the visualization eases the formal specification stage in many ways: drawing of typical execution diagrams, visualization of protocol termination, understanding of interleaved sessions, detection of unwanted side effects, etc. We also show how visualization and simulation of an intruder helps in finding attacks that are not automatically detected by tools.
Document type :
Conference papers
Complete list of metadatas

https://hal.archives-ouvertes.fr/hal-00468718
Contributor : Yohan Boichut <>
Submitted on : Wednesday, March 31, 2010 - 2:20:47 PM
Last modification on : Friday, November 16, 2018 - 1:22:42 AM

Identifiers

  • HAL Id : hal-00468718, version 1

Citation

Yohan Boichut, Thomas Genet, Olivier Heen, Yann Glouche. Using Animation to Improve Formal Specifications of Security Protocols. The 2nd National Conference on Security in Network Architectures and Information Systems, 2007, France. ⟨hal-00468718⟩

Share

Metrics

Record views

363