Mehr lesen
The Tamarin prover is an open-source analysis tool for cryptographic protocols. Given a specification of a protocol, possible adversaries, and the desired security properties, Tamarin either verifies the protocol or provides counter examples witnessing attacks. Tamarin is a robust and powerful analysis tool: it has been under development for over a decade and has reached a state of maturity where it can be applied to model and analyze a wide range of real-world cryptographic protocols. It is now one of the leading tools in this domain, with a wide and active user community spanning both academia and industry.
The objective of this book is to help both researchers and practitioners to gain a general understanding of how Formal Methods tools like Tamarin can be used to analyze and improve the quality of real-world protocols. Moreover, we specifically showcase the Tamarin prover and provide guidance on its usage. In this sense, this book provides a user's manual forTamarin. But it goes far beyond that, highlighting Tamarin's underlying theory and its use in modeling and applications.
Inhaltsverzeichnis
Foreword.- Introduction.- An Example.- Modeling Foundations.- Modeling State Machines.- Specifying Trace Properties in Tamarin.- Using Tamarin.- Built-in Equational Theories.- Pre-computation and Deconstructions.- Lemma Annotations.- Basic Modeling.- Common Workflows.- Case Study: 5G-AKA.- Observational Equivalence.- User-Specified Equational Theories.- Advanced modeling of primitives.- Reducing Proof-Construction Time.- Analyzing Protocol Families.- Impact in Practice.
Über den Autor / die Autorin
David Basin is a professor in the Department of Computer Science, ETH Zurich since 2003, where he heads the Information Security Group. His research focuses on Information Security, in particular on foundations, methods, and tools for modeling, building, and validating secure and reliable systems. He is Editor-in-Chief of Springer-Verlag's book series on Information Security and Cryptography and, from 2015 - 2020, of ACM Transactions on Privacy and Security. He is also the founding director of ZISC, the Zurich Information Security Center, which he led from 2003-2011. He is a Fellow of the ACM and of the IEEE.
Cas Cremers is a faculty member at the CISPA Helmholtz Center for Information Security in Saarbruecken, Germany, and honorary professor at Saarland University. From 2006 - 2013 he was a postdoctoral researcher, and senior researcher and lecturer, at ETH Zurich. In 2013 he joined the University of Oxford as an Associate Professor, becoming full Professor in 2015. In 2018 he joined CISPA. His work includes co-developing the Scyther and Tamarin tools, and contributing to the TLS and MLS standards of the IETF. His research focuses on formal methods, applied cryptography, and foundations for secure communications.
Jannik Dreier is an associate professor at the Université de Lorraine in Nancy, France. He studied computer science at Karlsruhe Institute of Technology and ENSIMAG, Grenoble, and completed a PhD in computer science at the University Grenoble Alpes in 2013. He then was a postdoctoral researcher at ETH Zurich until 2015. Since 2021, he has been co-chairing the working group on formal methods for security of the CNRS research network on IT security. His research focuses on the design and analysis of cryptographic protocols, for example for electronic voting, using rigorous methods and automated tools.
Ralf Sasse is a senior scientist and lecturer at the Department of Computer Science at ETH Zurich. He received his M.Sc. degree in computer science from Karlsruhe Institute of Technology in 2005, and his Ph.D. in computer science from the University of Illinois at Urbana-Champaign in 2012. His research focuses on the theory and practice of cryptographic security protocol verification, and particularly on developing tools that assist in this task. Recent work applied this to 5G mobile communication and EMV payment card security.
Zusammenfassung
The Tamarin prover is an open-source analysis tool for cryptographic protocols. Given a specification of a protocol, possible adversaries, and the desired security properties, Tamarin either verifies the protocol or provides counter examples witnessing attacks. Tamarin is a robust and powerful analysis tool: it has been under development for over a decade and has reached a state of maturity where it can be applied to model and analyze a wide range of real-world cryptographic protocols. It is now one of the leading tools in this domain, with a wide and active user community spanning both academia and industry.
The objective of this book is to help both researchers and practitioners to gain a general understanding of how Formal Methods tools like Tamarin can be used to analyze and improve the quality of real-world protocols. Moreover, we specifically showcase the Tamarin prover and provide guidance on its usage. In this sense, this book provides a user’s manual forTamarin. But it goes far beyond that, highlighting Tamarin’s underlying theory and its use in modeling and applications.
