Title :
Automatic Verification of Password-Based Authentication Protocols Using Smart Card
Author :
Hu, Bin ; Xie, Qi ; Li, Yang
Author_Institution :
Dept. of Comput. Sci., Hangzhou Normal Univ., Hangzhou, China
Abstract :
Password-based authentication protocols attempt to establish mutual authentication in remote access control and other applications in computer networks. However, up to now, most of their security properties are not rigidly proved, but informally discussed or declared. And this has been the main problem during protocol design and application. In this paper, we study the automatic way for the verification of password-based authentication protocols based on a horn clause based model of the protocol. The applied pi calculus is a formalism for modeling such protocols, allows us to verify properties with automatic tools, and to rely on manual proof techniques for cases where automatic tools are unable to handle. We model Song´s advanced smart based password authentication protocol, a known protocol for password-based authentication, in the applied pi calculus, formalize the mutual authentication property as correspondence between events. We use the Prove if tool to prove that the property is satisfied. Other security properties can also be verified in the same way.
Keywords :
authorisation; computer network security; cryptographic protocols; pi calculus; smart cards; ProVerif tool; automatic password-based authentication protocol verification; computer network security; horn clause based protocol model; manual proof techniques; mutual authentication; pi calculus; remote access control; smart card; Authentication; Calculus; Equations; Protocols; Servers; Smart cards; ProVerif; formal verification; password-based authentication protocol; the applied pi calculus;
Conference_Titel :
Information Technology, Computer Engineering and Management Sciences (ICM), 2011 International Conference on
Conference_Location :
Nanjing, Jiangsu
Print_ISBN :
978-1-4577-1419-1
DOI :
10.1109/ICM.2011.286
