Team for Research in
Ubiquitous Secure Technology

ASPIER: An Automated Framework for Verifying Security Protocol Implementations

Citation
"ASPIER: An Automated Framework for Verifying Security Protocol Implementations". S. Chaki, A. Datta (eds.), 22nd IEEE Computer Security Foundations Symposium, July, 2009.

Abstract
We present ASPIER – the first framework that combines software model checking with a standard protocol security model to automatically analyze authentication and secrecy properties of protocol implementations in C. The technical approach extends the iterative abstraction-refinement methodology for software model checking with a domainspecific protocol and symbolic attacker model. We have implemented the ASPIER tool and used it to verify authentication and secrecy properties of a part of an industrial strength protocol implementation – the handshake in OpenSSL – for configurations consisting of up to 3 servers and 3 clients. We have also implemented two distinct methods for reasoning about attacker message derivations, and evaluated them in the context of OpenSSL verification. ASPIER detected the “version-rollback” vulnerability in OpenSSL 0.9.6c source code and successfully verified the implementation when clients and servers are only willing to run SSL 3.0.

Electronic downloads

Citation formats  
  • HTML
     <a
    href="http://www.truststc.org/pubs/752.html"
    ><i>ASPIER: An Automated Framework for Verifying
    Security Protocol Implementations</i></a>, S.
    Chaki, A. Datta (eds.), 22nd IEEE Computer Security
    Foundations Symposium, July, 2009.
  • Plain text
     "ASPIER: An Automated Framework for Verifying Security
    Protocol Implementations". S. Chaki, A. Datta (eds.),
    22nd IEEE Computer Security Foundations Symposium, July,
    2009.
  • BibTeX
    @proceedings{ChakiDatta09_ASPIERAutomatedFrameworkForVerifyingSecurityProtocol,
        title = {ASPIER: An Automated Framework for Verifying
                  Security Protocol Implementations},
        editor = {S. Chaki, A. Datta},
        organization = {22nd IEEE Computer Security Foundations Symposium},
        month = {July},
        year = {2009},
        abstract = {We present ASPIER â the first framework that
                  combines software model checking with a standard
                  protocol security model to automatically analyze
                  authentication and secrecy properties of protocol
                  implementations in C. The technical approach
                  extends the iterative abstraction-refinement
                  methodology for software model checking with a
                  domainspecific protocol and symbolic attacker
                  model. We have implemented the ASPIER tool and
                  used it to verify authentication and secrecy
                  properties of a part of an industrial strength
                  protocol implementation â the handshake in
                  OpenSSL â for configurations consisting of up to
                  3 servers and 3 clients. We have also implemented
                  two distinct methods for reasoning about attacker
                  message derivations, and evaluated them in the
                  context of OpenSSL verification. ASPIER detected
                  the âversion-rollbackâ vulnerability in
                  OpenSSL 0.9.6c source code and successfully
                  verified the implementation when clients and
                  servers are only willing to run SSL 3.0.},
        URL = {http://www.truststc.org/pubs/752.html}
    }
    

Posted by Jessica Gamble on 5 May 2010.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.