A Formal Verification Method for Security Protocol Implementations Based on Model Learning and Tamarin

Abstract

The verification of security protocol implementations is notoriously difficult and important. In this paper, combining with the model learning using Tamarin, a formal verification tool of protocol specification, a formal verification method for security protocol implementations is proposed. We extract state machine information from protocol implementations by model learning, and determine suspicious paths in the finite-state machines by cross-validation between different implementations of the same protocol; and then verify whether the suspicious paths violate the security properties of the protocol using Tamarin. It can be used to detect logical errors in protocol implementations and avoid relying on expert experience to make compliance rules from protocol documents when using model checking tools. The effectiveness of this method is demonstrated by the vulnerability detection of the typical ChangeCipherSpec in the TLS protocol implementation. The method proposed can help developers to develop more robust implementations of security protocols.