The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications

Armando, Alessandro; Basin, David; Boichut, Yohan; Chevalier, Yannick; Compagna, Luca; Cuéllar, Jorge; Drielsma, Paul; Héam, Pierre-Cyrille; Kouchnarenko, Olga; Mantovani, Jacopo; Mödersheim, Sebastian; Oheimb, David von; Rusinowitch, Michaël; Santiago, Judson Santos; Turuani, Mathieu; Viganò, Luca; Vigneron, Laurent

doi:10.1007/11513988_27

Cited by 985 publications

(680 citation statements)

References 9 publications

Supporting

Mentioning

677

Contrasting

Unclassified

Order By: Relevance

“…In this paper, we have validated the security properties of SNEP by modeling the protocol using Automated Validation of Internet Security Protocols and Applications (AVISPA) [10]. AVISPA is a push-button tool with industrial-strength technology for the analysis of different Internet security protocols and applications.…”

Section: Introductionmentioning

confidence: 99%

Security Property Validation of the Sensor Network Encryption Protocol (SNEP)

Islam

2015

Computers

View full text Add to dashboard Cite

Since wireless sensor networks (WSNs) have been designed to be deployed in an unsecured, public environment, secured communication is really vital for their wide-spread use. Among all of the communication protocols developed for WSN, the Security Protocols for Sensor Networks (SPINS) is exceptional, as it has been designed with security as a goal. SPINS is composed of two building blocks: Secure Network Encryption Protocol (SNEP) and the "micro" version of the Timed Efficient Streaming Loss-tolerant Authentication (TESLA), named µTESLA. From the inception of SPINS, a number of efforts have been made to validate its security properties. In this paper, we have validated the security properties of SNEP by using an automated security protocol validation tool, named AVISPA. Using the protocol specification language, HLPSL, we model two combined scenarios-node to node key agreement and counter exchange protocols-followed by data transmission. Next, we validate the security properties of these combined protocols, using different AVISPA back-ends. AVISPA reports the models we have developed free from attacks. However, by analyzing the key distribution sub-protocol, we find one threat of a potential DoS attack that we have demonstrated by modeling in AVISPA. Finally, we propose a modification, and AVISPA reports this modified version free from the potential DoS attack.

show abstract

Section: Introductionmentioning

confidence: 99%

Security Property Validation of the Sensor Network Encryption Protocol (SNEP)

Islam

2015

Computers

View full text Add to dashboard Cite

show abstract

“…Over the last decades many automatic tools based on formal analysis techniques have been presented for verifying cryptographic protocols [2,8,11,14,18,29,31,33,40,20]. All these tools use the so-called Dolev-Yao intruder model.…”

Section: Introductionmentioning

confidence: 99%

“…In [4], a large set of protocols is verified using the AVISS tool and timing results are given. In [45], a similar test is performed using the successor of AVISS, called the Avispa tool suite [2]. As the AVISS/Avispa tools consist of respectively three and four back-end tools, these tests effectively work as a comparison between the back end tools.…”

Section: Introductionmentioning

confidence: 99%

Comparison of Cryptographic Verification Tools Dealing with Algebraic Properties

Lafourcade

Terrade

Vigier

2010

Formal Aspects in Security and Trust

View full text Add to dashboard Cite

Abstract. Recently Kuesters et al proposed two new methods using ProVerif for analyzing cryptographic protocols with Exclusive-Or and Diffie-Hellman properties. Some tools, for instance CL-Atse and OFMC, are able to deal with Exclusive-Or and Diffie-Hellman. In this article we compare time efficiency of these tools verifying some protocols of the litterature that are designed with such algebraic properties.

show abstract

“…In this section we recall the syntax and the semantics of the shared-key spi-calculus, following [9]. 3 Syntax We assume an infinite set of names N , ranging from a, b, c, . .…”

Section: Spi Calculusmentioning

confidence: 99%

“…; see e.g. [16,10,3,6]. Actually, both approaches have strong and weak points: automatic tools are quite successful on particular finite-state systems, but they naturally suffer of state-explosion problems and usually cannot be used for proving general properties.…”

Section: Introductionmentioning

confidence: 99%

Implementing Spi Calculus Using Nominal Techniques

Kahsai

Miculan

Logic and Theory of Algorithms

View full text Add to dashboard Cite

Abstract. The aim of this work is to obtain an interactive proof environment based on Isabelle/HOL for reasoning formally about cryptographic protocols, expressed as processes of the spi calculus (a π-calculus with cryptographic primitives). To this end, we formalise syntax, semantics, and hedged bisimulation, an environment-sensitive bisimulation which can be used for proving security properties of protocols. In order to deal smoothly with binding operators and reason up-to α-equivalence of bound names, we adopt the new Nominal datatype package. This simplifies both the encoding, and the formal proofs, which turn out to correspond closely to "manual proofs".

show abstract

The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications

Cited by 985 publications

References 9 publications

Security Property Validation of the Sensor Network Encryption Protocol (SNEP)

Security Property Validation of the Sensor Network Encryption Protocol (SNEP)

Comparison of Cryptographic Verification Tools Dealing with Algebraic Properties

Implementing Spi Calculus Using Nominal Techniques

Contact Info

Product

Resources

About