Decidable Inductive Invariants for Verification of Cryptographic Protocols with Unbounded Sessions

Emanuele D'Osualdo, Felix Stutz, Laura Kovács, Igor Konnov
2020 International Conference on Concurrency Theory  
We develop a theory of decidable inductive invariants for an infinite-state variant of the Applied πcalc, with applications to automatic verification of stateful cryptographic protocols with unbounded sessions/nonces. Since the problem is undecidable in general, we introduce depth-bounded protocols, a strict generalisation of a class from the literature, for which our decidable analysis is sound and complete. Our core contribution is a procedure to check that an invariant is inductive, which
more » ... lies that every reachable configuration satisfies it. Our invariants can capture security properties like secrecy, can be inferred automatically, and represent an independently checkable certificate of correctness. We provide a prototype implementation and we report on its performance on some textbook examples.
doi:10.4230/lipics.concur.2020.31 dblp:conf/concur/DOsualdoS20 fatcat:7fznao3pvnemxmylldz6uam6wm