Homomorphisms and Minimality for Enrich-by-Need Security Analysis
This work addresses the need for context-sensitive security analysis in cryptographic protocols, representing an incremental improvement by building on existing tools like CPSA and Razor.
The paper tackles the problem of cryptographic protocol analysis by introducing LPA, a tool that analyzes protocols in context using the enrich-by-need paradigm, with results including algorithms for building homomorphism-minimal models and generating a set-of-support for theory models by scripting SMT solver interactions.
Cryptographic protocols are used in different environments, but existing methods for protocol analysis focus only on the protocols, without being sensitive to assumptions about their environments. LPA is a tool which analyzes protocols in context. LPA uses two programs, cooperating with each other: CPSA, a well-known system for protocol analysis, and Razor, a model-finder based on SMT technology. Our analysis follows the enrich-by-need paradigm, in which models of protocol execution are generated and examined. The choice of which models to generate is important, and we motivate and evaluate LPA's strategy of building minimal models. "Minimality" can be defined with respect to either of two preorders, namely the homomorphism preorder and the embedding preorder (i.e. the preorder of injective homomorphisms); we discuss the merits of each. Our main technical contributions are algorithms for building homomorphism-minimal models and for generating a set-of-support for the models of a theory, in each case by scripting interactions with an SMT solver.