A security protocol specification language extension for modal logic-based verification

Abstract

Security services for mobile and fixed communication networks, such as authentication, key distribution, non-repudiation, fair exchange and certified e-mail, are realised using cryptographic security protocols. Security protocols are required to ensure the security of both the communication infrastructure itself and the information that runs through it. Formal verification of cryptographic-based security protocols using logic-based techniques, provides a rigid and thorough means of evaluating the correctness of cryptographic protocols so that even subtle defects in the protocol design can be identified. Formal verification proves the correctness of the protocol against its design goals. An important component of the formal verification process is initially formalising the security protocol, so that the subsequent verification is based on an accurate description of the protocol. This paper introduces a new extension of the common authentication protocol specification language (CAPSL). This extension enables the specification of security protocol in the CAPSL specification language and its formal verification using the Coffey-Saidha modal logic of knowledge and belief. The Needham-Schroeder public key authentication protocol is specified in the extended language to demonstrate its application.