This repository contains academic work on security protocol modeling and verification completed during the Master's in Information Security program at Alexandru Ioan Cuza University of Iasi, under the guidance of Lecturer, Ph.D. Cătălin Bîrjoveanu.
This repository contains formal models and analyses of various security protocols using specialized verification tools. The work focuses on:
- Protocol design and specification
- Formal verification using CL-AtSe and Scyther tools
- Analysis of security properties (authentication, secrecy, etc.)
- Group authentication protocols
- Multi-protocol attack scenarios
.
├── HW1/ # Homework 1 - Basic protocol design
│ ├── proj.hlpsl # HLPSL protocol specification
│ └── README.md # Assignment description
│
├── HW2/ # Homework 2 - Protocol improvements
│ ├── protocol_hw2.spdl # Scyther protocol specification
│ └── README.md # Assignment description
│
├── multiprotocol-attacks/ # Multi-protocol attack analysis
│ ├── Protocolv0.spdl # Original protocol version
│ ├── Protocolv1.spdl # Modified protocol version
│ ├── Protocolv0_v1.spdl # Combined protocol analysis
│ └── README.md # Analysis results
│
├── presentation/ # Group authentication presentation
│ ├── group_protocols_auth.bib # Bibliography
│ ├── group-auth-dlp1-neq2.spdl # Protocol specification
│ ├── Prezentare_*.bib # Presentation bibliography
│ └── Prezentare_*.tex # Presentation LaTeX source
│
├── .gitignore # Git ignore rules
└── README.md # This file
- CL-AtSe: For analyzing HLPSL protocol specifications
- Scyther: For formal verification of security protocols
- LaTeX: For academic presentation and documentation
- Git: Version control
Design and verification of a basic authentication protocol
- Models a client-server authentication protocol with session key establishment
- Uses HLPSL language for specification
- Verified using CL-AtSe tool
- Based on Example 2 from the AVISPA tutorial
Key files:
proj.hlpsl: Protocol specificationREADME.md: Assignment description
Analysis and improvement of NSL protocol variant
- Models and verifies a modified Needham-Schroeder-Lowe protocol
- Proposes and tests six protocol improvements
- Uses Scyther for formal verification
Key files:
protocol_hw2.spdl: Protocol specificationREADME.md: Analysis of improvements
Analysis of cross-protocol attacks
- Contains three versions of authentication protocols
- Demonstrates how similar protocols can be vulnerable when run concurrently
- Includes visual verification results from Scyther
Key files:
Protocolv0.spdl: Original protocolProtocolv1.spdl: Modified protocolProtocolv0_v1.spdl: Combined analysis
Formal analysis of group authentication protocols
- Presents framework for group authentication protocols
- Formal verification using Scyther
- Analysis of security properties (authentication, secrecy, etc.)
Key files:
Prezentare_*.tex: Presentation LaTeX sourcegroup_protocols_auth.bib: Bibliographygroup-auth-dlp1-neq2.spdl: Protocol specification
To reproduce the analyses:
-
Install required tools:
-
For protocol verification:
scyther --verify protocol_hw2.spdl
-
To compile the presentation:
pdflatex Prezentare_*.tex bibtex Prezentare_*.aux pdflatex Prezentare_*.tex pdflatex Prezentare_*.tex
This project is licensed under the MIT License - see the LICENSE file for details.
- Lecturer, Ph.D. Cătălin Bîrjoveanu for guidance
- University of Agder researchers for foundational work on group authentication protocols
- Developers of Scyther and CL-AtSe verification tools