Data

Tools

Indexes

Applications

Experiments

Open Source Science

formal-verification-of-the-session-protocol

This repository contains the resources and files related to the formal verification of the Session protocol using the Tamarin prover. The work focuses on verifying the security properties of the Session protocol in the symbolic model, encompassing peer-to-peer message delivery and onion routing.

https://github.com/dambrosidenis/formal-verification-of-the-session-protocol

Science Score: 44.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (12.8%) to scientific vocabulary

Keywords

cryptographic-protocols cybersecurity formal-methods formal-verification tamarin-prover
Last synced: 6 months ago · JSON representation ·

Repository

This repository contains the resources and files related to the formal verification of the Session protocol using the Tamarin prover. The work focuses on verifying the security properties of the Session protocol in the symbolic model, encompassing peer-to-peer message delivery and onion routing.

Basic Info
  • Host: GitHub
  • Owner: dambrosidenis
  • License: mit
  • Language: Python
  • Default Branch: main
  • Homepage:
  • Size: 1.42 MB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Topics
cryptographic-protocols cybersecurity formal-methods formal-verification tamarin-prover
Created over 1 year ago · Last pushed over 1 year ago
Metadata Files
Readme License Citation

README.md

Verifying the Security Properties of the Session Protocol in the Symbolic Model with the Tamarin Prover

In recent years, the necessity for robust security in digital communications has become crucial due to the ubiquitous nature of interconnected systems. This thesis focuses on the formal verification of the Session Messaging App, an open-source messaging application designed to offer end-to-end encrypted, anonymous communication through a decentralized network. By utilizing the Tamarin prover, this work aims to rigorously verify the security properties of Session's communication protocol. The study encompasses reverse-engineering the protocol from available source code, formalizing its security properties, and analyzing both peer-to-peer message delivery (abstracting the underlying network) and the onion routing protocol that underpins the infrastructure. The results demonstrate the protocol's adherence to its security specifications within the assumed constraints, providing a comprehensive specification of the protocol and suggesting improvements for future iterations.

Repository Structure

  • CITATION.cff: Citation file for referencing this work.
  • LICENSE: License file for the repository.
  • README.md: This README file.
  • src/: Contains the source files for the Tamarin prover theories and custom oracles.
    • e2e/: Files related to the end-to-end subprotocol.
    • e2e.spthy: Tamarin theory for the e2e protocol.
    • e2eoracle.py: Custom oracle script for the e2e theory proofs.
    • e2epriorities.json: Support information for the e2e oracle.
    • onionrouting/: Files related to verifying the onion routing infrastructure.
    • onionrouting.spthy: Tamarin theory for the onion routing protocol.
    • onionroutingoracle.py: Custom oracle script for the onion routing proofs.
  • thesis.pdf: The bachelor thesis document providing detailed information on the theories, implementation, and verification process.

Getting Started

Prerequisites

To run the Tamarin prover and the custom oracles, you need to have the following installed:

  • Tamarin Prover (version 1.6.1 was used for this thesis)
  • Python (for running the custom oracles)

Running the Theories

  1. Clone the Repository:

    bash git clone https://github.com/yourusername/your-repository.git cd your-repository

  2. Navigate to the Source Directory:

    bash cd src

  3. Run the Tamarin Prover on the Theories:

    For the e2e theory:

    bash tamarin-prover e2e/e2e.spthy

    For the onion routing theory:

    bash tamarin-prover onionrouting/onionrouting.spthy

Documentation

For detailed information about the theories, implementation, and verification process, please refer to thesis.pdf. This document is the comprehensive source of information and should be the main reference point for understanding and working with the contents of this repository.

Citation

If you use this repository or find it helpful, please cite it using the information provided in CITATION.cff.

License

This repository is licensed under the terms specified in the LICENSE file.

Owner

  • Login: dambrosidenis
  • Kind: user

Citation (CITATION.cff) 

# This CITATION.cff file was generated with cffinit.
# Visit https://bit.ly/cffinit to generate yours today!

cff-version: 1.2.0
title: >-
  Formal Verification of the Session Protocol in the
  Symbolic Model
message: >-
  If you use this software, please cite it using the
  metadata from this file.
type: software
authors:
  - given-names: Denis
    family-names: D'Ambrosi
    email: dambrosidenis@gmail.com
    affiliation: University of Udine
    orcid: 'https://orcid.org/0009-0001-2275-6496'
repository-code: >-
  https://github.com/dambrosidenis/Formal-Verification-of-the-Session-Protocol
keywords:
  - Formal Verification
  - Formal Methods
  - Dolev Yao
  - Cryptographic Protocols
  - Symbolic Model
license: MIT

GitHub Events

Total
Last Year