Abstract

The application of formal methods for rigorously validating cryptographic protocols has been receiving increasing attention. The de facto standard for modeling such protocols in formal proof systems is the Dolev-Yao model, which, for example, uses abstract encryption instead of cryptographic encryption primitives. The Dolev-Yao model was originally intended for, and has been successfully used for, detecting flaws in many protocols. However, recent publications claim to perform actual proofs of security using this model, i.e., proofs of the absence of any attack. We doubt this claim and challenge Dolev-Yao-based models as being oversimplified for establishing security proofs against arbitrary attacks.

We substantiate our claim with an example protocol. This protocol has been proven secure in a Dolev-Yao-based model using formal methods. In a later publication, the protocol was broken by a cryptographic attack. The attack was not detected in the formal analysis because any Dolev-Yao-based model comprises only a predefined set of adversary capabilities, and the particular attack that breaks the protocol was not among them.

The only reliable long-term remedy is to prove resilience against all attacks (both known and unknown ones). Recent approaches on cryptographic models of security have already made great progress towards this goal. Unfortunately, proofs in these models are more complex and harder to automate. In the short run, it is therefore appropriate to improve the quality of formal analysis without striving for complete proofs. This can be achieved by evolving a catalog of capabilities. Future formal analysis can then show resilience against any attack in this catalog. We initiate this discussion on an adversary capability catalog by providing a cryptographer's wish list. This list points out several features that approaches based on the Dolev-Yao model, or future extensions of it, should cover in order to be effective for cryptographic protocol verification.
