The AVISS Security Protocol Analysis Tool
Alessandro Armando6, David Basin7, Mehdi Bouallagui8, Yannick Chevalier8, Luca Compagna6, Sebastian Mödersheim7, Michael Rusinowitch8, Mathieu Turuani8, Luca Viganò7 and Laurent Vigneron8
| (6) |
Mechanized Reasoning Group, DIST Università di Genova, Italy |
| (7) |
Institut für Informatik, Universität Freiburg, Germany |
| (8) |
LORIA-INRIA-Lorraine, Nancy, France |
Abstract
We introduce AVISS, a tool for security protocol analysis that supports the integration of back-ends implementing different
search techniques, allowing for their systematic and quantitative comparison and paving the way to their effective interaction.
As a significant example, we have implemented three back-ends, and used the AVISS tool to analyze and find flaws in 36 protocols,
including 31 problems in the Clark-Jacob’s protocol library and a previously unreported flaw in the Denning-Sacco protocol.
This work was supported by the FET Open Assessment Project IST-2000-26410, “AVISS: Automated Verification of Infinite State
Systems”.
References secured to subscribers.