Towards a Formal Verification of a Multi-factor Authentication Protocol Using Automated Theorem Provers

Author

Santos, Eduardo Dos ; Martina, Jean Everson ; Custódio, Ricardo Felipe

Author_Institution

Dept. de Inf. e de Estatistica, Univ. Fed. de Santa Catarina (UFSC), Florianopolis, Brazil

fYear

2012

fDate

25-27 June 2012

Firstpage

84

Lastpage

91

Abstract

We present a proposal for a new multi-factor authentication scheme through the use of biometrics and smart-cards. Targeted to the Brazilian court system, which is being redesigned, the main goals of this protocol are to provide adequate division between authentication and authorisation services, as well as, the existence of different roles for improved security and management. In addition, we formalised the protocol into a first-order logic model and verified it with an automated theorem prover. Our main contributions are the design of the protocol and the usage of a methodology including design, verification, implementation and deployment of a protocol of nation-wide scale.

Keywords

authorisation; biometrics (access control); cryptographic protocols; formal logic; formal verification; law; smart cards; theorem proving; Brazilian court system; authorisation services; automated theorem provers; biometrics; first-order logic model; formal verification; multifactor authentication protocol; smart-cards; Authentication; Biometrics; Databases; Protocols; Public key; Servers; Automated Theorem Proving; Formal Verification; Multi-factor Authentication; Security Protocol;

fLanguage

English

Publisher

ieee

Conference_Titel

Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on

Conference_Location

Liverpool

Print_ISBN

978-1-4673-2172-3

Type

conf

DOI

10.1109/TrustCom.2012.278

Filename

6295962