Keywords: Cryptographic protocols, protocol animator, HLPSL specifications, Message Sequence Charts, execution trace.

SPAN: Security Protocol ANimator for AVISPA

Participant: Thomas Genet.

AVISPA is now a commonly used verification tool for cryptographic protocols [32]. It is composed of four verification tools: ATSE, OFMC, SATMC and TA4SP. A protocol designer interacts with the tool by specifying a security problem (i.e. a protocol paired with a security property that the protocol is expected to achieve) in the High-Level Protocol Specification Language (HLPSL for short [38]). The HLPSL is an expressive, modular, role-based, formal language that is used to specify control-flow patterns, data-structures, alternative intruder models and complex security properties, as well as different cryptographic primitives and their algebraic properties. These features make HLPSL well suited for specifying modern, industrial-scale protocols.

To help protocol designers design and debug HLPSL specifications, we have developed SPAN [43], a tool for animating them, i.e. interactively producing Message Sequence Charts (MSC for short), which can be seen as an “Alice & Bob” trace of an HLPSL specification. Starting from such an HLPSL specification, SPAN helps to build one possible MSC corresponding to that specification. The tool can represent one or more sessions of the protocol in parallel, according to the information given in the HLPSL specification. MSCs are then produced interactively with the user. SPAN's intruder mode makes it possible to build attacks interactively. This is of great interest when automatic verification tools do not produce the desired attack. SPAN can also display, at every moment, the values of the variables of each principal: the user chooses which variables of each role to monitor. The tool can save an execution trace corresponding to the execution of the protocol supervised by the user, and the trace can be reloaded later.

SPAN has been developed with Yann Glouche and Erwan Houssay and is registered at the APP with number IDDN.FR.001.25013.000.S.P.2007.000.10600. SPAN is distributed under the GNU Library General Public License and freely available at in source format and as Windows, Linux and Mac OS binaries.

As of 2008, SPAN is at version 1.5, which includes the ability to produce an interactive MSC trace from attacks found by the OFMC or ATSE tools. In 2007, there were more than 600 downloads of this software. In 2008, there were more than 1500. Recently, some experiments on the formalisation and verification of a protocol being developed at Thomson have been published in [22].


