• DocumentCode
    559848
  • Title

    Automatic Verification of Password-Based Authentication Protocols Using Smart Card

  • Author

    Hu, Bin ; Xie, Qi ; Li, Yang

  • Author_Institution
    Dept. of Comput. Sci., Hangzhou Normal Univ., Hangzhou, China
  • Volume
    1
  • fYear
    2011
  • fDate
    24-25 Sept. 2011
  • Firstpage
    34
  • Lastpage
    39
  • Abstract
    Password-based authentication protocols attempt to establish mutual authentication in remote access control and other applications in computer networks. However, up to now, most of their security properties are not rigidly proved, but informally discussed or declared. And this has been the main problem during protocol design and application. In this paper, we study the automatic way for the verification of password-based authentication protocols based on a horn clause based model of the protocol. The applied pi calculus is a formalism for modeling such protocols, allows us to verify properties with automatic tools, and to rely on manual proof techniques for cases where automatic tools are unable to handle. We model Song´s advanced smart based password authentication protocol, a known protocol for password-based authentication, in the applied pi calculus, formalize the mutual authentication property as correspondence between events. We use the Prove if tool to prove that the property is satisfied. Other security properties can also be verified in the same way.
  • Keywords
    authorisation; computer network security; cryptographic protocols; pi calculus; smart cards; ProVerif tool; automatic password-based authentication protocol verification; computer network security; horn clause based protocol model; manual proof techniques; mutual authentication; pi calculus; remote access control; smart card; Authentication; Calculus; Equations; Protocols; Servers; Smart cards; ProVerif; formal verification; password-based authentication protocol; the applied pi calculus;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Technology, Computer Engineering and Management Sciences (ICM), 2011 International Conference on
  • Conference_Location
    Nanjing, Jiangsu
  • Print_ISBN
    978-1-4577-1419-1
  • Type

    conf

  • DOI
    10.1109/ICM.2011.286
  • Filename
    6113349