8

I want a tool that (runs on Win7 and) can perform automated verification of a protocol in the eCK security model as described in Microsoft Research's paper "Stronger Security of Authenticated Key Exchange".

Does anyone know such a tool?

Mike Edward Moras
T.B

4 Answers

6

None of the above answers seem to take into account that you apparently want to establish security with respect to the eCK model; the above answers are mostly about tools that verify some (related but different) properties.

Afaik, there is currently no automatic tool that can give you analysis with respect to the exact eCK model.

In the symbolic setting, which does not give you a reduction to a known hard problem as in the real eCK model, Scyther and Tamarin have been used to analyze protocols like Naxos etc. in a symbolic version of the eCK model. So that includes revealing the randomness, revealing session keys of non-matching sessions, weak perfect forward secrecy, etc.

If the reduction to the computational hardness problem is your main goal, you could try to do a computational proof with CryptoVerif. Afaik, no one has used it for the eCK model and such (relatively) complex protocols yet.

Short summary of my opinion: if you want an automatic tool to

  • reduce to a known hard computational problem, but care less about specific details of the eCK model: try CryptoVerif. (There's a good pointer to CryptoVerif references above.)

  • capture main aspects of eCK model, but care less about computational aspects: try Tamarin (or Scyther). Papers that discuss their use for eCK-like models are here and here, respectively.

user4621
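
The adversary capabilities named in the answer above (revealing randomness, revealing session keys of non-matching sessions, weak perfect forward secrecy) all come from the eCK freshness condition, which is what a symbolic model has to encode. The sketch below is an added example, not part of any answer and not code from Scyther, Tamarin or CryptoVerif; the `Session` record, the query names and the traces are constructed for illustration, and both parties are assumed honest.

```python
from dataclasses import dataclass
from typing import Optional, Set, Tuple

LT, EPH, SK = "long_term", "ephemeral", "session_key"  # constructed query names
Query = Tuple[str, str]  # (SK, sid) | (EPH, sid) | (LT, party)

@dataclass(frozen=True)
class Session:
    sid: str
    owner: str
    peer: str
    matching: Optional[str] = None  # sid of the matching session, if one exists

def is_fresh(test: Session, queries: Set[Query]) -> bool:
    """True if the adversary may still be challenged on `test`.
    Assumes owner and peer are both honest (not adversary-controlled)."""
    def asked(kind: str, target: str) -> bool:
        return (kind, target) in queries

    # Session key of the test session or of its matching session revealed.
    if asked(SK, test.sid):
        return False
    if test.matching and asked(SK, test.matching):
        return False
    # Owner's long-term key AND the test session's randomness both revealed.
    if asked(LT, test.owner) and asked(EPH, test.sid):
        return False
    if test.matching:
        # Peer's long-term key AND the matching session's randomness revealed.
        return not (asked(LT, test.peer) and asked(EPH, test.matching))
    # No matching session: the adversary may have sent the peer's message
    # itself, so the peer's long-term key alone is enough. This is why the
    # model gives only *weak* perfect forward secrecy.
    return not asked(LT, test.peer)

def constructed_traces() -> dict:
    """Constructed adversary traces against session s1 (A talking to B)."""
    matched = Session("s1", "A", "B", matching="s2")
    unmatched = Session("s1", "A", "B")
    return {
        "both long-term keys, passive": is_fresh(matched, {(LT, "A"), (LT, "B")}),
        "both sessions' randomness": is_fresh(matched, {(EPH, "s1"), (EPH, "s2")}),
        "key of unrelated session s9": is_fresh(matched, {(SK, "s9")}),
        "A long-term + s1 randomness": is_fresh(matched, {(LT, "A"), (EPH, "s1")}),
        "B long-term, no match": is_fresh(unmatched, {(LT, "B")}),
    }
```

The first three traces leave the session fresh and the last two do not, which is the behaviour a symbolic eCK-style adversary model should reproduce.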
5

Just wrapping my comment into an answer as it seems to be what you're looking for…

CryptoVerif can be used for verification of security against polynomial time adversaries in the computational model. It's available via http://prosecco.gforge.inria.fr/personal/bblanche/cryptoverif/cryptoverifbin.html

Related to your "it doesn't work on my computer", here's an example of how to test if it works (which it will on Win7 - which you previously wrote you're using):

  1. create c:\cv\ and decompress the contents of the downloaded package in there.
  2. Open a command-line prompt and go to c:\cv\ where the cryptoverif.exe resides.
  3. Run cryptoverif.exe c:\cv\examples\fdh.cv

As for your question about TEX output, it would go like this:

cryptoverif.exe -tex somefilename.tex c:\cv\examples\fdh.cv

The manual, which is included in the download package, will provide you with the rest of the commandline parameters and a detailed description on how to use it.

Here's a screenshot of the --help parameter:

screenshot

EDIT

A bit late, but The Scyther Tool may come in handy too.

Mike Edward Moras
4

I can highly recommend AVISPA, a tool for automated verification of cryptographic protocols. It is available as a web service, so you can upload a description of your protocol to their web server and it will give you a security analysis of it. They have detailed documentation of how to use their system and of their specification language for protocols, so you can model your protocol in their language. They integrate with multiple protocol verification back-ends and automatically analyze your protocol with all available back-ends. It's great stuff: give it a try.

You might also check out the ProVerif system. It is more sophisticated and flexible -- but also has a substantially steeper learning curve.

I'm not familiar with the eCK security model, so you'll have to investigate on your own whether these tools can be used for what you want.

(I have no relationship to either project, other than being a fan of their work and a happy user of their tools.)

D.W.
4

I could add to the list (in alphabetical order):

absinthe_minded