Rule-based dependency models for security protocol analysis

Security protocol analysis has been discussed for quite some time in the past few years. Although formal methods have been widely used to identify various vulnerabilities, mainly susceptibility to freshness attacks and impersonation, the arisen inconsistent data between principals and collusion attacks held by a group of dishonest principals have been largely ignored. Moreover, the previous methods focus on reasoning about certain security-related properties and detecting known attacks against secure message, whereas there have been insufficient efforts to handle the above hidden but powerful attacks. In this paper, we address these critical issues and prove the efficiency and intuitiveness of rule-based dependency models in defending a protocol against the attacks. This is able to provide a numerical estimation to measure he occurrence of these attacks. It will be useful in enhancing the current protocol analysis.