SAT-based lazy formal analysis method for security protocols

Chun-xiang GU; Huan-xiao WANG; Yong-hui ZHENG; Dan XIN; Nan LIU

Tongxin xuebao (Nov 2014)

SAT-based lazy formal analysis method for security protocols

Chun-xiang GU,
Huan-xiao WANG,
Yong-hui ZHENG,
Dan XIN,
Nan LIU

Affiliations

Chun-xiang GU
Huan-xiao WANG
Yong-hui ZHENG
Dan XIN
Nan LIU

Journal volume & issue: Vol. 35
pp. 117 – 125

Abstract

Read online

A SAT-based security protocol formalization analysis method named SAT-LMC is proposed.The method introduces optimized the initial state and transformational rules with “lazy” idea.The efficiency of detection is significantly improved.Moreover，by adding support for strong type flaw attack defect，the attack detection becomes more comprehensive.A security protocol analysis tool is implemented based on the method; a type flaw attack is detected for protocol Otway-Rees.For OAuth2.0 protocol，analysis shows that there is a kind of man-in-the-middle attack of the authorization code in some application scenarios.

security protocols;formalization analysis;Boolean satisfiability problem;lazy analyze;type flaw attack

Published in Tongxin xuebao

ISSN: 1000-436X (Print)
Publisher: Editorial Department of Journal on Communications
Country of publisher: China
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://www.infocomm-journal.com/txxb/EN/1000-436X/home.shtml

About the journal

Abstract

Keywords