A Comparative Analysis of Tools for Verification of Security Protocols (Report‪)‬

1. Introduction A protocol is a set of rules that followed the defined conventions to establish semantically correct communications between the participating entities. A security protocol is an ordinary communication protocol in which the message exchanged is often encrypted using the defined cryptographic mechanisms. The mechanisms Symmetric Key Cryptography or Asymmetric Key Cryptography are used to obtain various cryptographic attributes such as Confidentiality, Entity Authentication, Message Integrity, Non-repudiation, Message Freshness, to name a few [1]. However, merely using cryptographic mechanisms, does not guarantee security-wise semantically secure operation of the protocol, even if it is correct. There indeed have been reported breaches in the security protocols, after being published and accepted as a safe protocol [2-4]. In such a scenario, in case of the ordinary communication protocols, recourse has been taken to the rigorous verification of the same using appropriate tool for the domain. As for example, the protocol verifier SPIN is used to verify the communication protocols for distributed software [5].