A UTP approach towards probabilistic protocol verification

Authors

  • Riccardo Bresciani,

    Corresponding author
    1. Lero@TCD & Foundations and Methods Group, School of Computer Science and Statistics, Trinity College Dublin, Dublin, Ireland
    • Correspondence: Riccardo Bresciani and Andrew Butterfield, Foundations and Methods Group, School of Computer Science and Statistics, Trinity College Dublin, Dublin, Ireland.

      E-mail: bresciar@scss.tcd.ie; butrfeld@scss.tcd.ie

    Search for more papers by this author
  • Andrew Butterfield

    Corresponding author
    1. Lero@TCD & Foundations and Methods Group, School of Computer Science and Statistics, Trinity College Dublin, Dublin, Ireland
    • Correspondence: Riccardo Bresciani and Andrew Butterfield, Foundations and Methods Group, School of Computer Science and Statistics, Trinity College Dublin, Dublin, Ireland.

      E-mail: bresciar@scss.tcd.ie; butrfeld@scss.tcd.ie

    Search for more papers by this author

ABSTRACT

This paper describes an approach towards protocol verification, which is based on the Unifying Theories of Programming framework and the associated refinement calculus: we encode protocol runs as predicates, in the form of homogeneous relations between probability distributions on the state space at the beginning and at the end of the protocol. The attacker model is a variation of the classical Dolev–Yao model, where cryptographic primitives can be broken probabilistically. We obtain a lattice of traces, where safe runs (with respect to the attacker not achieving a given goal) of the protocol are at the bottom and possible attacks are above in the order of increasing probability of success for the attacker. Copyright © 2012 John Wiley & Sons, Ltd.

Ancillary