Homomorphisms and Minimality for Enrich-by-Need Security Analysis

TL;DR

This paper introduces LPA, a context-aware protocol analysis tool that employs homomorphism-based minimal models to improve security analysis accuracy using SMT technology.

Contribution

It presents algorithms for constructing homomorphism-minimal models and generating model sets, advancing enrich-by-need security analysis methods.

Findings

LPA effectively analyzes protocols in context.

Algorithms for minimal model construction are successfully implemented.

Homomorphism-based minimality improves analysis precision.

Abstract

Cryptographic protocols are used in different environments, but existing methods for protocol analysis focus only on the protocols, without being sensitive to assumptions about their environments. LPA is a tool which analyzes protocols in context. LPA uses two programs, cooperating with each other: CPSA, a well-known system for protocol analysis, and Razor, a model-finder based on SMT technology. Our analysis follows the enrich-by-need paradigm, in which models of protocol execution are generated and examined. The choice of which models to generate is important, and we motivate and evaluate LPA's strategy of building minimal models. "Minimality" can be defined with respect to either of two preorders, namely the homomorphism preorder and the embedding preorder (i.e. the preorder of injective homomorphisms); we discuss the merits of each. Our main technical contributions are algorithms for building homomorphism-minimal models and for generating a set-of-support for the models of a theory, in each case by scripting interactions with an SMT solver.