Conformance testing of Extensible Authentication Protocol implementations

A. V. Nikeshin; V. Z. Shnitman

doi:10.15514/ISPRAS-2018-30(6)-5

Труды Института системного программирования РАН (Feb 2019)

Conformance testing of Extensible Authentication Protocol implementations

A. V. Nikeshin,
V. Z. Shnitman

Affiliations

A. V. Nikeshin: Институт системного программирования им. В.П. Иванникова РАН
V. Z. Shnitman: Институт системного программирования им. В.П. Иванникова РАН; Московский физико-технический институт

DOI: https://doi.org/10.15514/ISPRAS-2018-30(6)-5
Journal volume & issue: Vol. 30, no. 6
pp. 89 – 104

Abstract

Read online

The paper presents a model-based approach to conformance testing of Extensible Authentication Protocol (EAP) implementations. Conformance testing is the basic tool to ensure interoperability between implementations of a protocol. Using UniTESK technology allows automating the verification of network protocols based on their formal models. Additional applying of mutation testing allows evaluating the robustness of the implementations to receive incorrect packets. We applied the test suite to several implementations of EAP and present brief results. This approach has proved to be effective in finding several critical vulnerabilities and other specification deviations in the EAP implementations.

Published in Труды Института системного программирования РАН

ISSN: 2079-8156 (Print); 2220-6426 (Online)
Publisher: Ivannikov Institute for System Programming of the Russian Academy of Sciences
Country of publisher: Russian Federation
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://ispranproceedings.elpub.ru/jour/index

About the journal

Abstract

Keywords