Rule-based Programming in Java For Protocol Verification

AbstractThis paper presents an approach for the development of model-checkers in a framework, called TOM, merging declarative and imperative features. We illustrate our method by specifying in TOM the Needham-Schroeder public-key protocol that aims to establish a mutual authentication between an initiator and a responder that communicate via an insecure network. We describe the behavior of the agents exchanging messages as well as the intruders and the security invariants the protocol should verify using the rewrite rules of TOM. The (depth-first or breadth-first) exploration of the search space is described using the imperative features of the language. We propose several optimizations and we compare our results to existing approaches