A Security Protocol Animator Tool for AVISPA · AVISPA is a veriﬁcation tool for cryptographic...

The Need for a protocol animator in the AVISPA System The protocol animator Experiments Futher Work

A Security Protocol Animator Tool for AVISPA

Yann Glouche1 Thomas Genet1

1IRISA-INRIA, Rennes, FranceTeam LANDE

Artist2 Security Workshop, 18th May 2006

A Security Protocol Animator Tool for AVISPA Yann Glouche, Thomas Genet

1 The Need for a protocol animator in the AVISPA System

2 The protocol animator

3 Experiments

4 Futher Work

3 Experiments

4 Futher Work

3 Experiments

4 Futher Work

3 Experiments

4 Futher Work

3 Experiments

4 Futher Work

The Need for a protocol animator in the AVISPA System

Avispa project

AVISPA is a verification tool for cryptographic protocols.

High Level Protocol Specification Language (HLPSL).

Ability to use different techniques on the same protocolspecification.

HLPSL +3

��

Animator

qy jjjjjjjjjjjjjjjjj

jjjjjjjjjjjjjjjjj

v~ uuuuu

uuuuuu

"*NNNNNNNNNNN

NNNNNNNNNNN

'/VVVVVVVVVVVVVVVVVVVVVVV

VVVVVVVVVVVVVVVVVVVVVVV

OFMC CL SATMC TA4SP

Avispa tools

1 On-the-Fly Model-Checker (OFMC)2 Constraint-Logic-based model-checker (CL)3 SAT-based Model-Checker (SATMC)4 Tree Automata Automatic Approximations

for the Analysis of Security Protocol (TA4SP)

HLPSL +3

��

Animator

jjjjjjjjjjjjjjjjj

v~ uuuuu

uuuuuu

"*NNNNNNNNNNN

NNNNNNNNNNN

OFMC CL SATMC TA4SP

Avispa tools

HLPSL +3

��

Animator

jjjjjjjjjjjjjjjjj

v~ uuuuu

uuuuuu

"*NNNNNNNNNNN

NNNNNNNNNNN

OFMC CL SATMC TA4SP

Avispa tools

HLPSL +3

��

Animator

jjjjjjjjjjjjjjjjj

v~ uuuuu

uuuuuu

"*NNNNNNNNNNN

NNNNNNNNNNN

OFMC CL SATMC TA4SP

Avispa tools

HLPSL +3

��

Animator

jjjjjjjjjjjjjjjjj

v~ uuuuu

uuuuuu

"*NNNNNNNNNNN

NNNNNNNNNNN

OFMC CL SATMC TA4SP

Avispa tools

HLPSL +3

��

Animator

jjjjjjjjjjjjjjjjj

v~ uuuuu

uuuuuu

"*NNNNNNNNNNN

NNNNNNNNNNN

OFMC CL SATMC TA4SP

Avispa tools

HLPSL +3

��

Animator

jjjjjjjjjjjjjjjjj

v~ uuuuu

uuuuuu

"*NNNNNNNNNNN

NNNNNNNNNNN

OFMC CL SATMC TA4SP

Avispa tools

role a(...)State=0 ∧ RCV(start)

=|> State’:=1 ∧ Na’:=new()∧ SND({Na’.A } Kb)

State=1 ∧ RCV(Na.Nb’ Ka)=|> State’:=2

∧ SND({Nb’ } Kb)role b(...)

State=0 ∧ RCV({Na’.A’ } Kb)=|> State’:=1 ∧ Nb’:=new()

∧ SND({Na’.Nb } Ka)State=1 ∧ RCV({Nb} Kb)

=|> State’:=2

A → B : {Na, A}Kb

A → B : {Na, Nb}Ka

A → B : {Nb}Kb

The Need for a protocol animator

⇒ produce interactively MSC from an HLPSL specification.

role a(...)State=0 ∧ RCV(start)

=|> State’:=1 ∧ Na’:=new()∧ SND({Na’.A } Kb)

State=1 ∧ RCV(Na.Nb’ Ka)=|> State’:=2

∧ SND({Nb’ } Kb)role b(...)

State=0 ∧ RCV({Na’.A’ } Kb)=|> State’:=1 ∧ Nb’:=new()

∧ SND({Na’.Nb } Ka)State=1 ∧ RCV({Nb} Kb)

=|> State’:=2

A → B : {Na, A}Kb

A → B : {Na, Nb}Ka

A → B : {Nb}Kb

The Need for a protocol animator

⇒ produce interactively MSC from an HLPSL specification.

3 Experiments

4 Futher Work

The protocol animator

Protocol specification

Protocol specifications in HLPSL are divided into roles.

Example (Protocol specification)

Roles declarationrole a(A : agent...)

State=0 ∧ RCV(start)=|> State’:=1 ∧ Na’:=new() ∧ SND({Na’.A } Kb)

State=1 ∧ RCV(Na.Nb’ Ka) =|> State’:=2 ∧ SND({Nb’ } Kb)role b(B : agent...)

State=0 ∧ RCV({Na’.A’ } Kb)=|> State’:=1 ∧ Nb’:=new() ∧ SND({Na’.Nb } Ka)State=1 ∧ RCV({Nb} Kb) =|> State’:=2

Session declarationrole one session(A, B : agent...) composition

a(A...) ∧ b(B...)

Scenario declarationone session(alice, bob...) ∧one session(charlie, dane...)

Protocol specification

Protocol specifications in HLPSL are divided into roles.

Example (Protocol specification)

Roles declarationrole a(A : agent...)

State=0 ∧ RCV(start)=|> State’:=1 ∧ Na’:=new() ∧ SND({Na’.A } Kb)

State=1 ∧ RCV(Na.Nb’ Ka) =|> State’:=2 ∧ SND({Nb’ } Kb)role b(B : agent...)

State=0 ∧ RCV({Na’.A’ } Kb)=|> State’:=1 ∧ Nb’:=new() ∧ SND({Na’.Nb } Ka)State=1 ∧ RCV({Nb} Kb) =|> State’:=2

Session declarationrole one session(A, B : agent...) composition

a(A...) ∧ b(B...)

Scenario declarationone session(alice, bob...) ∧one session(charlie, dane...)

one session(alice, bob...) ∧ one session(charlie, dane...)

The features of current version

Full support of HLPSLInteractive construction of MSC guided by the userbecause of

. non deterministic protocols

. choices in interleaved sessions

usual undo/redo in constructed MSCs

MSCs import/export

3 Experiments

4 Futher Work

Experiments

We have applied the animator to several protocols

all the protocols of the AVISPA Library

a new protocol developped by Thomson called UserSupervised Device Pairing (USDP) for pairing two devices

Experiments

An execution trace of Thomson’s USDP protocol

Experiments

3 Experiments

4 Futher Work

Futher Work

A correct treatment of mathematical functions

This is not yet fully functional when messages include exp,xor.

Integration of a mode to replay interactively the attacks

Execute an intruder role who receive, replay, and treat allmessages sent by an agent.

Futher Work

A correct treatment of mathematical functions

This is not yet fully functional when messages include exp,xor.

Integration of a mode to replay interactively the attacks

Execute an intruder role who receive, replay, and treat allmessages sent by an agent.

A Security Protocol Animator Tool for AVISPA · AVISPA is a veriﬁcation tool for cryptographic...

Documents

Vespa velutina o avispa asiática - Aretxabaleta...Vespa velutina o avispa asiática Egoitz Galartza, apicultor y veterinario de GEE (2012ko udaberria) • Ha sido declarada especie

Dennet voluntad avispa sphex

AVISPA Automated Validation of Internet Security Protocols and Applications

La Avispa 34

AVISPA ASIATICA (Vespa velutinafemp.femp.es/files/3580-1795-fichero/NEIKER.pdf · AVISPA ASIATICA (Vespa velutina) Jesse Barandika NEIKER jbarandika@neiker.eus VII ASAMBLEA DE LA

AVISPA ASIATICA

Automated Validation of Internet Security Protocols and Applications (AVISPA)

Tightlacing, riesgos de la cintura de avispa

Vespa velutina o avispa asiática - Aretxabaletako Udala · Vespa velutina o avispa asiática Egoitz Galartza, apicultor y veterinario de GEE (2012ko udaberria) • Ha sido declarada

PLAN DE LUCHA Y CONTROL DE LA AVISPA ASIÁTICA EN 2018PLAN DE LUCHA Y CONTROL DE LA AVISPA ASIÁTICA EN ASTURIAS. 2018 2 INTRODUCCIÓN LA AVISPA ASIÁTICA. DIMENSIÓN DEL PROBLEMA

abeja vs avispa

The AVISPA Project: Automated Validation of Internet Security Protocols and Applications

ALERTA DE PLAGA EN EUCALIPTO : Avispa de la agalla · de la avispa de la agalla del eucalipto relacionadas con técnicas de mejoramiento genético, control biológico y control

Mapa de la expansión de la avispa asiática por Francia

Revista La Avispa 54

a Security Protocol ANimator for AVISPApeople.irisa.fr/Thomas.Genet/span/manual.pdf · INRIA/IRISA LANDE Project a Security Protocol ANimator for AVISPA Version 1.5 User Manual September

TOLERANCIA A LA AVISPA DEL CASTAÑO (DRYOCOSMUS … · La avispa del castaño Dryocosmus kuriphilus, procedente de China, es considerada la principal plaga del castaño europeo (Castanea

HLPSL Tutorial - The AVISPA Project

LA REGULACIÓN DE LA AVISPA ASIÁTICA EN … velutina (MAGRAMA, 2015). En el ciclo anual, la avispa reina cuando emerge tras el invierno, forma un primer nido, el primario, que es

La aparición de la avispa asiática en burgos