Yongjian Li

Mechanized proofs for the parameter abstraction and guard strengthening principle in parameterized verification of cache coherence protocols

Chou, Mannava, and Park proposed a novel method for verification of safety properties of cache protocols, which is underpinned by the principle of parameter abstraction and guard strengthening. However, no one has formally proved the correctness of this method itself. In this work, we want to fill the gap in the literature. We believe that our work provides an alternative to formally justify this method. The key points of our theory are symmetry and the introduction of an intermediate guard strengthening protocol. We mechanize our theory in Isabelle/HOL.

Towards a theory of bisimulation for the higher-order process calculi

In this paper, a labelled transition semantics for higher-order process calculi is studied. The labelled transition semantics is relatively clean and simple, and corresponding bisimulation equivalence can be easily formulated based on it. And the congruence properties of the bisimulation equivalence can be proved easily. To show the correspondence between the proposed semantics and the well-established ones, the bisimulation is characterized as a version of barbed equivalence and a version of context bisimulation.

An Inductive Approach to Provable Anonymity

We formalise in a theorem prover the notion of provable anonymity proposed by Garcia et al. Our formalization relies on inductive definitions of message distinguish ability and observational equivalence over observed traces by the intruder. Our theory differs from its original proposal which essentially boils down to the existence of a reinterpretation function. We build our theory in Isabelle/HOL to have a mechanical framework for the analysis of anonymity protocols. Its feasibility is illustrated through the onion routing protocol.

Extending the Strand Space Method to Verify Kerberos V

In this paper, we present two extensions of the strand space method to model Kerberos V. First, we include time and timestamps to model security protocols with times- tamps: we relate a key to a crack time and combine it with timestamps in order to define a notion of recency. Therefore, we can check replay attacks in this new framework. Second, we extend the classic strand space theory to model protocol mixture. The main idea is to introduce a new relation rarr to model the causal relation between one primary protocol session and one of its following secondary protocol session. Accordingly, we also revisit the definition of unsolicited authentication test. To demonstrate the power of this new theory, we model the Kerberos V protocol, and prove its secrecy and authentication goals. Our framework and the proofs of the example have been mechanized using Isabelle/HOL.

An inductive approach to strand spaces

In this paper, we develop an inductive approach to strand spaces, by introducing an inductive definition for bundles. This definition provides us not only a constructive illustration for bundles, but also an effective and rigorous technique of rule induction to reason about properties of bundles. With this induction principle, we can prove that our bundle model is sound in the sense that a bundle is a causally well-founded graph. This approach also gives an alternative to rigorously prove a generalized version of authentication tests. To illustrate the applicability of our approach, we have performed case studies on verification of secrecy and authentication properties of the Needham–Schroeder–Lowe and Otway–Rees protocols. Our approach has been mechanized using Isabelle/HOL.

A novel formalization of symbolic trajectory evaluation semantics in Isabelle/HOL

This paper presents a formal symbolic trajectory evaluation (STE) theory based on a structural netlist circuit model, instead of an abstract next state function. We introduce an inductive definition for netlists, which gives an accurate and formal definition for netlist structures. A closure state function of netlists is formally introduced in terms of the formal netlist model. We refine the definition of the defining trajectory and the STE implementation to deal with the closure state function. The close correspondence between netlist structures and properties is discussed. We present a set of novel algebraic laws to characterize the relation between the structures and properties of netlists. Finally, the application of the new laws is demonstrated by parameterized verification of the properties of content-addressable memories.

Extending the Strand Space Method with Timestamps: Part I the Theory

In this paper, we present two extensions of the strand space method to model Kerberos V. First, we include time and timestamps to model security protocols with timestamps: we relate a key to a crack time and combine it with timestamps in order to define a notion of recency. Therefore, we can check replay attacks in this new framework. Second, we extend the classic strand space theory to model protocol mixture. The main idea is to introduce a new relation to model the causal relation between one primary protocol session and one of its following secondary protocol session. Accordingly, we also extend the definition of unsolicited authentication test.

The inductive approach to strand space

Strand space is a promising technique developed by Guttman et al. from MITRE company, and it provides us an intuitive and clear framework to analyze security protocols, but its mechanics of the proof tend to be quite intricate and not necessarily easy to be formalized. In this paper, we combine the inductive approach with strand space. We introduce an inductive definition for bundles, and it not only provides us a constructive illustration for a bundle, but also introduces an effective and rigorous technique of rule induction to prove properties of bundles. Using this induction principle, we not only prove that a bundle is a casually well-founded graph, but also give a rigorous proof for results of authentication tests. Our result of authentication test extends Guttman’s result to a more general case, and its proof is also much easier and clearer. As a trivial case study, we prove authentication properties of Needham-Schroeder-Lowe protocol. Our approach has been mechanized using Isabelle/HOL.

Formalizing provable anonymity in Isabelle/HOL

We formalize in a theorem prover the notion of provable anonymity. Our formalization relies on inductive definitions of message distinguishing ability and observational equivalence on traces observed by the intruder. Our theory differs from its original proposal and essentially boils down to the inductive definition of distinguishing messages with respect to a knowledge set for the intruder. We build our theory in Isabelle/HOL to achieve a mechanical framework for the analysis of anonymity protocols. Its feasibility is illustrated through two case studies of the Crowds and Onion Routing protocols.

A novel approach to parameterized verification of cache coherence protocols

Parameterized verification of parameterized protocols like cache coherence protocols is an important but hard problem. Our tool paraVerifier handles this hard problem in a unified framework: (1) it automatically discovers auxiliary invariants and the corresponding causal relations from a small reference instance of the verified protocol; (2) the above invariants and causal relation information are automatically generalized into a parameterized form to construct a parameterized formal proof in a theorem prover (e.g., Isabelle). Our method is successfully applied to typical benchmarks including snooping and directory cache coherence protocol benchmarks. The correctness of these protocols is guaranteed by a formal and readable proof which is automatically generated. The notoriously hard FLASH protocol, which is at an industrial scale, is also verified.