A Short Introduction to Two Approaches in Formal Verification of Security Protocols: Model Checking and Theorem Proving

In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as an example of this approach and then we model and verify some famous security protocols using Scyther. Theorem proving is based on deriving the desired goals from assumption of protocols via a deduction system. We define a deduction system named Simple Logic for Authentication to formally define the notion of authenticated communication based on the structure of the messages, and then we investigate several famous protocols using our proposed deduction system and compare it with the verification results of Scyther model checking. (C) 2016 ISC. All rights reserved.